ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.
{ "vanir_signatures": [ { "target": { "file": "coders/pnm.c" }, "signature_type": "Line", "source": "https://github.com/imagemagick/imagemagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", "id": "CVE-2019-13305-1c6537f9", "signature_version": "v1", "deprecated": false, "digest": { "line_hashes": [ "173762177608646474229096952035740399235", "289406497514684310294962166107346125501", "21097388086084617718518641042937076416", "35642898481975699506351846593204015195", "77906465006221657393526514938524859468", "285544180431742860460340536518089203315", "331103141952356089566155178080339761980", "208860185305730238549952908594482552465", "223298258395674198923092237956824505086", "136093366047081782534432463312274729429", "221104929025802232976201896599260669426", "163154869902866174508379178574013779285", "222362234539984236477823386084086610404", "21097388086084617718518641042937076416", "35642898481975699506351846593204015195", "77906465006221657393526514938524859468", "285544180431742860460340536518089203315", "331103141952356089566155178080339761980", "208860185305730238549952908594482552465", "223298258395674198923092237956824505086", "136093366047081782534432463312274729429", "221104929025802232976201896599260669426" ], "threshold": 0.9 } }, { "target": { "function": "WritePNMImage", "file": "coders/pnm.c" }, "signature_type": "Function", "source": "https://github.com/imagemagick/imagemagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", "id": "CVE-2019-13305-2814054e", "signature_version": "v1", "deprecated": false, "digest": { "function_hash": "332819623678125575910808390063345700395", "length": 21296.0 } }, { "target": { "function": "WritePNMImage", "file": "coders/pnm.c" }, "signature_type": "Function", "source": "https://github.com/imagemagick/imagemagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", "id": "CVE-2019-13305-c830bb5e", "signature_version": "v1", "deprecated": false, "digest": { "function_hash": "137037883599812925999839805869440558077", "length": 21985.0 } }, { "target": { "file": "coders/pnm.c" }, "signature_type": "Line", "source": "https://github.com/imagemagick/imagemagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", "id": "CVE-2019-13305-dd7809ac", "signature_version": "v1", "deprecated": false, "digest": { "line_hashes": [ "63560967211026655781415365551152740604", "17561297529628399240895611359329573059", "21097388086084617718518641042937076416", "35642898481975699506351846593204015195", "77906465006221657393526514938524859468", "285544180431742860460340536518089203315", "331103141952356089566155178080339761980", "208860185305730238549952908594482552465", "191554334367101042462272792348364098863", "251469381905454677448473595287462568586", "68682566748185754501242263673426332532", "199112087754320044143379395221326717145", "22717455355125320837774627697453994572", "21097388086084617718518641042937076416", "35642898481975699506351846593204015195", "77906465006221657393526514938524859468", "285544180431742860460340536518089203315", "331103141952356089566155178080339761980", "208860185305730238549952908594482552465", "191554334367101042462272792348364098863", "251469381905454677448473595287462568586", "68682566748185754501242263673426332532" ], "threshold": 0.9 } } ] }