CVE-2020-19667 Image Magick (Stack based Buffer Overflow)

Virsec Security Research Lab Vulnerability Analysis

The Virsec Security Research Lab provides detailed analysis on recent and notable security vulnerabilities.

1.1        Vulnerability Summary

A stack-based buffer overflow and unconditional jump in function ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7 allows for an out-of-bounds-write.

CVE-2020-19667: Image Magick Stack Buffer Overflow. Virsec Risk Index: 91%

Watch the video to learn more about this and other important vulnerabilities.

1.2        CVSS Score

The CVSS Base score of this vulnerability is 7.8 High ( CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

1.3        Affected Version

ImageMagick 7.0.10-7 Q16 x86_64 2020-04-10

1.4        Vulnerability Attribution

This vulnerability was a consequence of an incomplete fix for vulnerability in CVE-2019-1003005. It appears to have been found by Jenkins directly. 

1.5        Risk Impact

ImageMagick® is a popular open source tool that is used to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPXEXR, WebP, Postscript, PDF, and SVG. ImageMagick can resize, flip, mirror, rotate, distort, shear and transform images, adjust image colors, apply various special effects, or draw text, lines, polygons, ellipses and Bézier curves. This vulnerability will allow an attacker to perform a variety of actions such as crash the server or perform remote code execution on the victim machine. A publicly available exploit is posted here.

1.6        Virsec Security Platform (VSP) Support

The Virsec Security Platform (VSP)- Web can detect and protect against buffer overflow vulnerability and can save its customers from this type of attack.

1.7        Reference Links

Download the full vulnerability report to learn more about this and other important vulnerabilities.

About the Author
Satya Gupta is Virsec’s visionary founder, with over 25 years of expertise in embedded systems, network security and systems architecture. Satya has helped build and guide the company through key growth phases from initial funding (2015), developing core technology with key partners including Raytheon and Lockheed (2016-2018), to launching an enterprise class, GA product (2019). Prior to this, Satya built a highly profitable software design and consulting business targeting data networking, application security and industrial automation projects. He was also Director of Firmware Engineering at Narad Networks and Managing Director and Chief Engineer at Eastern Telecom and Tech Ltd. Satya has more than 40 patents in complex firmware architecture with products deployed to hundreds of thousands of users. He holds a BS degree in Engineering from the Indian Institute of Technology in Kanpur and additional degrees from the University of Massachusetts at Lowell.