cnvd - cnvd-2017-33324

CNVD-2017-33324

Vulnerability from cnvd - Published: 2017-11-09

Title

Horde_Image远程代码执行漏洞

Description

Horde_Image是美国Horde公司的一个图像编辑的包，它能够提供颜色高亮显示、图像效果编辑等功能。 Horde_Image 2.0.0版本至2.5.1版本中存在远程代码执行漏洞。远程攻击者可利用该漏洞执行代码。

Severity

中

Patch Name

Horde_Image远程代码执行漏洞的补丁

Patch Description

Horde_Image是美国Horde公司的一个图像编辑的包，它能够提供颜色高亮显示、图像效果编辑等功能。 Horde_Image 2.0.0版本至2.5.1版本中存在远程代码执行漏洞。远程攻击者可利用该漏洞执行代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/horde/horde/commit/eb3afd14c22c77ae0d29e2848f5ac726ef6e7c5b

Reference

https://nvd.nist.gov/vuln/detail/CVE-2017-14650

Impacted products

Name
Horde Horde_Image >=2.0.0，<=2.5.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-14650"
    }
  },
  "description": "Horde_Image\u662f\u7f8e\u56fdHorde\u516c\u53f8\u7684\u4e00\u4e2a\u56fe\u50cf\u7f16\u8f91\u7684\u5305\uff0c\u5b83\u80fd\u591f\u63d0\u4f9b\u989c\u8272\u9ad8\u4eae\u663e\u793a\u3001\u56fe\u50cf\u6548\u679c\u7f16\u8f91\u7b49\u529f\u80fd\u3002\r\n\r\nHorde_Image 2.0.0\u7248\u672c\u81f32.5.1\u7248\u672c\u4e2d\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002",
  "discovererName": "Thomas Jarosch",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/horde/horde/commit/eb3afd14c22c77ae0d29e2848f5ac726ef6e7c5b",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-33324",
  "openTime": "2017-11-09",
  "patchDescription": "Horde_Image\u662f\u7f8e\u56fdHorde\u516c\u53f8\u7684\u4e00\u4e2a\u56fe\u50cf\u7f16\u8f91\u7684\u5305\uff0c\u5b83\u80fd\u591f\u63d0\u4f9b\u989c\u8272\u9ad8\u4eae\u663e\u793a\u3001\u56fe\u50cf\u6548\u679c\u7f16\u8f91\u7b49\u529f\u80fd\u3002\r\n\r\nHorde_Image 2.0.0\u7248\u672c\u81f32.5.1\u7248\u672c\u4e2d\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Horde_Image\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Horde Horde_Image \u003e=2.0.0\uff0c\u003c=2.5.1"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2017-14650",
  "serverity": "\u4e2d",
  "submitTime": "2017-09-22",
  "title": "Horde_Image\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2017-14650 (GCVE-0-2017-14650)

Vulnerability from cvelistv5 – Published: 2017-09-21 17:00 – Updated: 2024-08-05 19:34

Summary

A Remote Code Execution vulnerability has been found in the Horde_Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility. It's not exploitable through any Horde application, because the code path to the vulnerability is not used by any Horde code. Custom applications using the Horde_Image library might be affected. This vulnerability affects all versions of Horde_Image from 2.0.0 to 2.5.1, and is fixed in 2.5.2. The problem is missing input validation of the index field in _raw() during construction of an ImageMagick command line.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://marc.info/?l=horde-announce&m=15060029952…	x_refsource_MISC
	https://www.debian.org/security/2018/dsa-4276	vendor-advisoryx_refsource_DEBIAN
	https://github.com/horde/horde/commit/eb3afd14c22…	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2017/09/21/4	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:34:39.209Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://marc.info/?l=horde-announce\u0026m=150600299528079\u0026w=2"
          },
          {
            "name": "DSA-4276",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4276"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/horde/horde/commit/eb3afd14c22c77ae0d29e2848f5ac726ef6e7c5b"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/09/21/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Remote Code Execution vulnerability has been found in the Horde_Image library when using the \"Im\" backend that utilizes ImageMagick\u0027s \"convert\" utility. It\u0027s not exploitable through any Horde application, because the code path to the vulnerability is not used by any Horde code. Custom applications using the Horde_Image library might be affected. This vulnerability affects all versions of Horde_Image from 2.0.0 to 2.5.1, and is fixed in 2.5.2. The problem is missing input validation of the index field in _raw() during construction of an ImageMagick command line."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-18T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://marc.info/?l=horde-announce\u0026m=150600299528079\u0026w=2"
        },
        {
          "name": "DSA-4276",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4276"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/horde/horde/commit/eb3afd14c22c77ae0d29e2848f5ac726ef6e7c5b"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/09/21/4"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14650",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Remote Code Execution vulnerability has been found in the Horde_Image library when using the \"Im\" backend that utilizes ImageMagick\u0027s \"convert\" utility. It\u0027s not exploitable through any Horde application, because the code path to the vulnerability is not used by any Horde code. Custom applications using the Horde_Image library might be affected. This vulnerability affects all versions of Horde_Image from 2.0.0 to 2.5.1, and is fixed in 2.5.2. The problem is missing input validation of the index field in _raw() during construction of an ImageMagick command line."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://marc.info/?l=horde-announce\u0026m=150600299528079\u0026w=2",
              "refsource": "MISC",
              "url": "https://marc.info/?l=horde-announce\u0026m=150600299528079\u0026w=2"
            },
            {
              "name": "DSA-4276",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4276"
            },
            {
              "name": "https://github.com/horde/horde/commit/eb3afd14c22c77ae0d29e2848f5ac726ef6e7c5b",
              "refsource": "MISC",
              "url": "https://github.com/horde/horde/commit/eb3afd14c22c77ae0d29e2848f5ac726ef6e7c5b"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2017/09/21/4",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2017/09/21/4"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14650",
    "datePublished": "2017-09-21T17:00:00",
    "dateReserved": "2017-09-21T00:00:00",
    "dateUpdated": "2024-08-05T19:34:39.209Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-33324

CVE-2017-14650 (GCVE-0-2017-14650)

Tags

Sightings

Nomenclature