Showing 1 - 2 of 2

CVE-2020-12672

Status Candidate

Overview

GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.

Ubuntu Security Notice USN-5974-1: Posted Mar 28, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5974-1 - It was discovered that GraphicsMagick was not properly performing bounds checks when processing TGA image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted TGA image file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that GraphicsMagick was not properly validating bits per pixel data when processing DIB image files. If a user or automated system were tricked into processing a specially crafted DIB image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.; tags | advisory, denial of service, overflow, arbitrary; systems | linux, ubuntu; advisories | CVE-2018-20184, CVE-2018-20189, CVE-2018-5685, CVE-2018-9018, CVE-2019-11006, CVE-2020-12672, CVE-2022-1270; SHA-256 | 7ea27cb3a38cff5a0c8bad949c6dd1e461ab1eb50381661f2ce89696c5df6f0c; Download | Favorite | View

Gentoo Linux Security Advisory 202209-19: Posted Sep 30, 2022; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202209-19 - Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution. Versions less than 1.3.38 are affected.; tags | advisory, arbitrary, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2020-12672, CVE-2022-1270; SHA-256 | ce81f88ef1dacfc7f245a7c4901fb01be1706eb8ca10d234347e0653b483d84a; Download | Favorite | View

Page 1 of 1 Back 1 Next