Miggo Logo
Miggo Vulnerability Database
CVE-2019-11832

CVE-2019-11832:
TYPO3 Image Processing susceptible to Code Execution

7.5

CVSS Score
3.0

Basic Information

CVE ID
CVE-2019-11832
GHSA ID
GHSA-3w4h-r27h-4r2w
EPSS Score
0.74654%
CWE
CWE-20
Published
5/24/2022
Updated
2/29/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
typo3/cms-corecomposer>= 8.0.0, < 8.7.258.7.25
typo3/cms-corecomposer>= 9.0.0, < 9.5.69.5.6
typo3/cmscomposer>= 8.0.0, < 8.7.258.7.25
typo3/cmscomposer>= 9.0.0, < 9.5.69.5.6

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from improper file type handling in ImageMagick invocations. The original code in GraphicalFunctions.php used raw filenames with frame suffixes (e.g., 'file[0]') without explicit format specification ('png:file.png'). This allowed ImageMagick to perform type guessing based on file content, enabling execution of embedded PostScript code when GhostScript was present. The commit introduced ImageMagickFile to enforce format prefixes, directly addressing these insecure command constructions in imageMagickExec and imageMagickIdentify methods.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

TYPO* *.x ***or* *.*.** *n* *.x ***or* *.*.* is sus**pti*l* to r*mot* *o** *x**ution ****us* it *o*s not prop*rly *on*i*ur* t** *ppli**tions us** *or im*** pro**ssin*, *s **monstr*t** *y Im***M**i*k or *r*p*i*sM**i*k. *or * su***ss*ul *xploit, t** **

Reasoning

T** vuln*r**ility st*mm** *rom improp*r *il* typ* **n*lin* in Im***M**i*k invo**tions. T** ori*in*l *o** in *r*p*i**l*un*tions.p*p us** r*w *il*n*m*s wit* *r*m* su**ix*s (*.*., '*il*[*]') wit*out *xpli*it *orm*t sp**i*i**tion ('pn*:*il*.pn*'). T*is *