ImageMagick up to 7.0.8-49 coders/bmp.c ReadBMPImage denial of service

A vulnerability classified as problematic was found in ImageMagick up to 7.0.8-49 (Image Processing Software). Affected by this vulnerability is the function ReadBMPImage of the file coders/bmp.c. The manipulation with an unknown input leads to a denial of service vulnerability (Memory Leak). The CWE definition for the vulnerability is CWE-404. As an impact it is known to affect availability.

The weakness was presented 07/01/2019. This vulnerability is known as CVE-2019-13133 since 07/01/2019. Technical details of the vulnerability are known, but there is no available exploit.

Applying the patch 7.0.8-50 is able to eliminate this problem.

See 137146, 137145, 137144 and 137147 for similar entries.

Type

Name

VulDB Meta Base Score: 3.5
VulDB Meta Temp Score: 3.4

VulDB Base Score: ≈3.5
VulDB Temp Score: ≈3.4
VulDB Vector: 🔒
VulDB Reliability: 🔍

VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Class: Denial of service / Memory Leak (CWE-404)
Local: Yes
Remote: No

Availability: 🔒
Status: Not defined

Price Prediction: 🔍
Current Price Estimation: 🔒

Threat Intelligenceinfoedit

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Remediation: 🔍Recommended: Patch
Status: 🔍

0-Day Time: 🔒

Patch: 7.0.8-50

07/01/2019 Advisory disclosed
07/01/2019 +0 days CVE assigned
07/02/2019 +1 days VulDB entry created
07/02/2019 +0 days VulDB last updateProduct: imagemagick.org
CVE: CVE-2019-13133 (🔒)
See also: 🔒Created: 07/02/2019 07:06 AM
Complete: 🔍

Comments are closed.