- Vulnerability/
- USN-3681-1
12/6/2018
USN-3681-1: ImageMagick vulnerabilities
First published: Tue Jun 12 2018(Updated: )
It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/imagemagick | <8:6.9.7.4+dfsg-16ubuntu6.2 | 8:6.9.7.4+dfsg-16ubuntu6.2 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/imagemagick-6.q16 | <8:6.9.7.4+dfsg-16ubuntu6.2 | 8:6.9.7.4+dfsg-16ubuntu6.2 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/libmagick++-6.q16-7 | <8:6.9.7.4+dfsg-16ubuntu6.2 | 8:6.9.7.4+dfsg-16ubuntu6.2 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/libmagickcore-6.q16-3 | <8:6.9.7.4+dfsg-16ubuntu6.2 | 8:6.9.7.4+dfsg-16ubuntu6.2 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/libmagickcore-6.q16-3-extra | <8:6.9.7.4+dfsg-16ubuntu6.2 | 8:6.9.7.4+dfsg-16ubuntu6.2 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/imagemagick | <8:6.9.7.4+dfsg-16ubuntu2.2 | 8:6.9.7.4+dfsg-16ubuntu2.2 |
| Ubuntu Ubuntu | =17.10 | |
| All of | ||
| ubuntu/imagemagick-6.q16 | <8:6.9.7.4+dfsg-16ubuntu2.2 | 8:6.9.7.4+dfsg-16ubuntu2.2 |
| Ubuntu Ubuntu | =17.10 | |
| All of | ||
| ubuntu/libmagick++-6.q16-7 | <8:6.9.7.4+dfsg-16ubuntu2.2 | 8:6.9.7.4+dfsg-16ubuntu2.2 |
| Ubuntu Ubuntu | =17.10 | |
| All of | ||
| ubuntu/libmagickcore-6.q16-3 | <8:6.9.7.4+dfsg-16ubuntu2.2 | 8:6.9.7.4+dfsg-16ubuntu2.2 |
| Ubuntu Ubuntu | =17.10 | |
| All of | ||
| ubuntu/libmagickcore-6.q16-3-extra | <8:6.9.7.4+dfsg-16ubuntu2.2 | 8:6.9.7.4+dfsg-16ubuntu2.2 |
| Ubuntu Ubuntu | =17.10 | |
| All of | ||
| ubuntu/imagemagick | <8:6.8.9.9-7ubuntu5.11 | 8:6.8.9.9-7ubuntu5.11 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/imagemagick-6.q16 | <8:6.8.9.9-7ubuntu5.11 | 8:6.8.9.9-7ubuntu5.11 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/libmagick++-6.q16-5v5 | <8:6.8.9.9-7ubuntu5.11 | 8:6.8.9.9-7ubuntu5.11 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/libmagickcore-6.q16-2 | <8:6.8.9.9-7ubuntu5.11 | 8:6.8.9.9-7ubuntu5.11 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/libmagickcore-6.q16-2-extra | <8:6.8.9.9-7ubuntu5.11 | 8:6.8.9.9-7ubuntu5.11 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/imagemagick | <8:6.7.7.10-6ubuntu3.11 | 8:6.7.7.10-6ubuntu3.11 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/libmagick++5 | <8:6.7.7.10-6ubuntu3.11 | 8:6.7.7.10-6ubuntu3.11 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/libmagickcore5 | <8:6.7.7.10-6ubuntu3.11 | 8:6.7.7.10-6ubuntu3.11 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/libmagickcore5-extra | <8:6.7.7.10-6ubuntu3.11 | 8:6.7.7.10-6ubuntu3.11 |
| Ubuntu Ubuntu | =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2017-1000445
- https://ubuntu.com/security/CVE-2017-1000476
- https://ubuntu.com/security/CVE-2017-10995
- https://ubuntu.com/security/CVE-2017-11352
- https://ubuntu.com/security/CVE-2017-11533
- https://ubuntu.com/security/CVE-2017-11535
- https://ubuntu.com/security/CVE-2017-11537
- https://ubuntu.com/security/CVE-2017-11639
- https://ubuntu.com/security/CVE-2017-11640
- https://ubuntu.com/security/CVE-2017-12140
- https://ubuntu.com/security/CVE-2017-12418
- https://ubuntu.com/security/CVE-2017-12429
- https://ubuntu.com/security/CVE-2017-12430
- https://ubuntu.com/security/CVE-2017-12431
- https://ubuntu.com/security/CVE-2017-12432
- https://ubuntu.com/security/CVE-2017-12433
- https://ubuntu.com/security/CVE-2017-12435
- https://ubuntu.com/security/CVE-2017-12563
- https://ubuntu.com/security/CVE-2017-12587
- https://ubuntu.com/security/CVE-2017-12640
- https://ubuntu.com/security/CVE-2017-12643
- https://ubuntu.com/security/CVE-2017-12644
- https://ubuntu.com/security/CVE-2017-12670
- https://ubuntu.com/security/CVE-2017-12674
- https://ubuntu.com/security/CVE-2017-12691
- https://ubuntu.com/security/CVE-2017-12692
- https://ubuntu.com/security/CVE-2017-12693
- https://ubuntu.com/security/CVE-2017-12875
- https://ubuntu.com/security/CVE-2017-12877
- https://ubuntu.com/security/CVE-2017-12983
- https://ubuntu.com/security/CVE-2017-13058
- https://ubuntu.com/security/CVE-2017-13059
- https://ubuntu.com/security/CVE-2017-13060
- https://ubuntu.com/security/CVE-2017-13061
- https://ubuntu.com/security/CVE-2017-13062
- https://ubuntu.com/security/CVE-2017-13131
- https://ubuntu.com/security/CVE-2017-13134
- https://ubuntu.com/security/CVE-2017-13139
- https://ubuntu.com/security/CVE-2017-13142
- https://ubuntu.com/security/CVE-2017-13143
- https://ubuntu.com/security/CVE-2017-13144
- https://ubuntu.com/security/CVE-2017-13145
- https://ubuntu.com/security/CVE-2017-13758
- https://ubuntu.com/security/CVE-2017-13768
- https://ubuntu.com/security/CVE-2017-13769
- https://ubuntu.com/security/CVE-2017-14060
- https://ubuntu.com/security/CVE-2017-14172
- https://ubuntu.com/security/CVE-2017-14173
- https://ubuntu.com/security/CVE-2017-14174
- https://ubuntu.com/security/CVE-2017-14175
- https://ubuntu.com/security/CVE-2017-14224
- https://ubuntu.com/security/CVE-2017-14249
- https://ubuntu.com/security/CVE-2017-14325
- https://ubuntu.com/security/CVE-2017-14326
- https://ubuntu.com/security/CVE-2017-14341
- https://ubuntu.com/security/CVE-2017-14342
- https://ubuntu.com/security/CVE-2017-14343
- https://ubuntu.com/security/CVE-2017-14400
- https://ubuntu.com/security/CVE-2017-14505
- https://ubuntu.com/security/CVE-2017-14531
- https://ubuntu.com/security/CVE-2017-14532
- https://ubuntu.com/security/CVE-2017-14533
- https://ubuntu.com/security/CVE-2017-14607
- https://ubuntu.com/security/CVE-2017-14624
- https://ubuntu.com/security/CVE-2017-14625
- https://ubuntu.com/security/CVE-2017-14626
- https://ubuntu.com/security/CVE-2017-14682
- https://ubuntu.com/security/CVE-2017-14684
- https://ubuntu.com/security/CVE-2017-14739
- https://ubuntu.com/security/CVE-2017-14741
- https://ubuntu.com/security/CVE-2017-14989
- https://ubuntu.com/security/CVE-2017-15015
- https://ubuntu.com/security/CVE-2017-15016
- https://ubuntu.com/security/CVE-2017-15017
- https://ubuntu.com/security/CVE-2017-15032
- https://ubuntu.com/security/CVE-2017-15033
- https://ubuntu.com/security/CVE-2017-15217
- https://ubuntu.com/security/CVE-2017-15218
- https://ubuntu.com/security/CVE-2017-15277
- https://ubuntu.com/security/CVE-2017-15281
- https://ubuntu.com/security/CVE-2017-16546
- https://ubuntu.com/security/CVE-2017-17499
- https://ubuntu.com/security/CVE-2017-17504
- https://ubuntu.com/security/CVE-2017-17680
- https://ubuntu.com/security/CVE-2017-17681
- https://ubuntu.com/security/CVE-2017-17682
- https://ubuntu.com/security/CVE-2017-17879
- https://ubuntu.com/security/CVE-2017-17881
- https://ubuntu.com/security/CVE-2017-17882
- https://ubuntu.com/security/CVE-2017-17884
- https://ubuntu.com/security/CVE-2017-17885
- https://ubuntu.com/security/CVE-2017-17886
- https://ubuntu.com/security/CVE-2017-17887
- https://ubuntu.com/security/CVE-2017-17914
- https://ubuntu.com/security/CVE-2017-17934
- https://ubuntu.com/security/CVE-2017-18008
- https://ubuntu.com/security/CVE-2017-18022
- https://ubuntu.com/security/CVE-2017-18027
- https://ubuntu.com/security/CVE-2017-18028
- https://ubuntu.com/security/CVE-2017-18029
- https://ubuntu.com/security/CVE-2017-18209
- https://ubuntu.com/security/CVE-2017-18211
- https://ubuntu.com/security/CVE-2017-18251
- https://ubuntu.com/security/CVE-2017-18252
- https://ubuntu.com/security/CVE-2017-18254
- https://ubuntu.com/security/CVE-2017-18271
- https://ubuntu.com/security/CVE-2017-18273
- https://ubuntu.com/security/CVE-2018-10177
- https://ubuntu.com/security/CVE-2018-10804
- https://ubuntu.com/security/CVE-2018-10805
- https://ubuntu.com/security/CVE-2018-11251
- https://ubuntu.com/security/CVE-2018-11625
- https://ubuntu.com/security/CVE-2018-11655
- https://ubuntu.com/security/CVE-2018-11656
- https://ubuntu.com/security/CVE-2018-5246
- https://ubuntu.com/security/CVE-2018-5247
- https://ubuntu.com/security/CVE-2018-5248
- https://ubuntu.com/security/CVE-2018-5357
- https://ubuntu.com/security/CVE-2018-5358
- https://ubuntu.com/security/CVE-2018-6405
- https://ubuntu.com/security/CVE-2018-7443
- https://ubuntu.com/security/CVE-2018-8804
- https://ubuntu.com/security/CVE-2018-8960
- https://ubuntu.com/security/CVE-2018-9133
- https://ubuntu.com/security/notices/USN-3363-1
- https://ubuntu.com/security/notices/USN-4222-1
- https://ubuntu.com/security/notices/USN-5335-1
- https://ubuntu.com/security/notices/USN-6980-1
- https://ubuntu.com/security/notices/USN-4232-1
- https://launchpad.net/ubuntu/+source/imagemagick/8:6.9.7.4+dfsg-16ubuntu6.2
- https://launchpad.net/ubuntu/+source/imagemagick/8:6.9.7.4+dfsg-16ubuntu2.2
- https://launchpad.net/ubuntu/+source/imagemagick/8:6.8.9.9-7ubuntu5.11
- https://launchpad.net/ubuntu/+source/imagemagick/8:6.7.7.10-6ubuntu3.11
- https://ubuntu.com/security/notices/USN-3681-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
- CVE-2017-1000445
- CVE-2017-1000476
- CVE-2017-10995
- CVE-2017-11352
- CVE-2017-11533
- CVE-2017-11535
- CVE-2017-11537
- CVE-2017-11639
- CVE-2017-11640
- CVE-2017-12140
- CVE-2017-12418
- CVE-2017-12429
- CVE-2017-12430
- CVE-2017-12431
- CVE-2017-12432
- CVE-2017-12433
- CVE-2017-12435
- CVE-2017-12563
- CVE-2017-12587
- CVE-2017-12640
- CVE-2017-12643
- CVE-2017-12644
- CVE-2017-12670
- CVE-2017-12674
- CVE-2017-12691
- CVE-2017-12692
- CVE-2017-12693
- CVE-2017-12875
- CVE-2017-12877
- CVE-2017-12983
- CVE-2017-13058
- CVE-2017-13059
- CVE-2017-13060
- CVE-2017-13061
- CVE-2017-13062
- CVE-2017-13131
- CVE-2017-13134
- CVE-2017-13139
- CVE-2017-13142
- CVE-2017-13143
- CVE-2017-13144
- CVE-2017-13145
- CVE-2017-13758
- CVE-2017-13768
- CVE-2017-13769
- CVE-2017-14060
- CVE-2017-14172
- CVE-2017-14173
- CVE-2017-14174
- CVE-2017-14175
- CVE-2017-14224
- CVE-2017-14249
- CVE-2017-14325
- CVE-2017-14326
- CVE-2017-14341
- CVE-2017-14342
- CVE-2017-14343
- CVE-2017-14400
- CVE-2017-14505
- CVE-2017-14531
- CVE-2017-14532
- CVE-2017-14533
- CVE-2017-14607
- CVE-2017-14624
- CVE-2017-14625
- CVE-2017-14626
- CVE-2017-14682
- CVE-2017-14684
- CVE-2017-14739
- CVE-2017-14741
- CVE-2017-14989
- CVE-2017-15015
- CVE-2017-15016
- CVE-2017-15017
- CVE-2017-15032
- CVE-2017-15033
- CVE-2017-15217
- CVE-2017-15218
- CVE-2017-15277
- CVE-2017-15281
- CVE-2017-16546
- CVE-2017-17499
- CVE-2017-17504
- CVE-2017-17680
- CVE-2017-17681
- CVE-2017-17682
- CVE-2017-17879
- CVE-2017-17881
- CVE-2017-17882
- CVE-2017-17884
- CVE-2017-17885
- CVE-2017-17886
- CVE-2017-17887
- CVE-2017-17914
- CVE-2017-17934
- CVE-2017-18008
- CVE-2017-18022
- CVE-2017-18027
- CVE-2017-18028
- CVE-2017-18029
- CVE-2017-18209
- CVE-2017-18211
- CVE-2017-18251
- CVE-2017-18252
- CVE-2017-18254
- CVE-2017-18271
- CVE-2017-18273
- CVE-2018-10177
- CVE-2018-10804
- CVE-2018-10805
- CVE-2018-11251
- CVE-2018-11625
- CVE-2018-11655
- CVE-2018-11656
- CVE-2018-5246
- CVE-2018-5247
- CVE-2018-5248
- CVE-2018-5357
- CVE-2018-5358
- CVE-2018-6405
- CVE-2018-7443
- CVE-2018-8804
- CVE-2018-8960
- CVE-2018-9133
Frequently Asked Questions
What is the vulnerability ID for this ImageMagick vulnerability?
The vulnerability ID for this ImageMagick vulnerability is CVE-2017-1000445.
What is the severity of CVE-2017-1000445?
The severity of CVE-2017-1000445 is high.
How does CVE-2017-1000445 affect ImageMagick?
CVE-2017-1000445 affects ImageMagick by allowing an attacker to cause a denial of service or possibly execute code with the privileges of the user.
How do I fix CVE-2017-1000445 in Ubuntu 18.04?
To fix CVE-2017-1000445 in Ubuntu 18.04, you need to update the 'imagemagick' package to version 8:6.9.7.4+dfsg-16ubuntu6.2 or higher.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability at the following references: [link1] [link2] [link3].
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/title
- agent/softwarecombine
- agent/description
- agent/event
- agent/tags
- agent/references
- collector/usn
- source/Ubuntu
- anchor-related/USN-3363-1
- anchor-related/USN-4222-1
- anchor-related/USN-5335-1
- anchor-related/USN-6980-1
- anchor-related/USN-4232-1
- agent/software-canonical-lookup
- agent/trending
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/17.10
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04