ID CVE-2007-4985
Summary ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.
References
Vulnerable Configurations
  • ImageMagick 5.3.3
    cpe:2.3:a:imagemagick:imagemagick:5.3.3
  • ImageMagick 5.3.8
    cpe:2.3:a:imagemagick:imagemagick:5.3.8
  • ImageMagick 5.4.2.3
    cpe:2.3:a:imagemagick:imagemagick:5.4.2.3
  • ImageMagick 5.4.3
    cpe:2.3:a:imagemagick:imagemagick:5.4.3
  • ImageMagick 5.4.4.5
    cpe:2.3:a:imagemagick:imagemagick:5.4.4.5
  • ImageMagick 5.4.7
    cpe:2.3:a:imagemagick:imagemagick:5.4.7
  • ImageMagick 5.4.8
    cpe:2.3:a:imagemagick:imagemagick:5.4.8
  • cpe:2.3:a:imagemagick:imagemagick:5.4.8.2_1.1.0
    cpe:2.3:a:imagemagick:imagemagick:5.4.8.2_1.1.0
  • cpe:2.3:a:imagemagick:imagemagick:5.5.3_.2_1.2.0
    cpe:2.3:a:imagemagick:imagemagick:5.5.3_.2_1.2.0
  • ImageMagick 5.5.4
    cpe:2.3:a:imagemagick:imagemagick:5.5.4
  • ImageMagick 5.5.6
    cpe:2.3:a:imagemagick:imagemagick:5.5.6
  • ImageMagick ImageMagick 5.5.6.0_20030409
    cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_20030409
  • ImageMagick 5.5.7
    cpe:2.3:a:imagemagick:imagemagick:5.5.7
  • ImageMagick 5.5.7.15
    cpe:2.3:a:imagemagick:imagemagick:5.5.7.15
  • ImageMagick 6.0
    cpe:2.3:a:imagemagick:imagemagick:6.0
  • ImageMagick 6.0.1
    cpe:2.3:a:imagemagick:imagemagick:6.0.1
  • ImageMagick 6.0.2
    cpe:2.3:a:imagemagick:imagemagick:6.0.2
  • ImageMagick 6.0.2.5
    cpe:2.3:a:imagemagick:imagemagick:6.0.2.5
  • ImageMagick 6.0.3
    cpe:2.3:a:imagemagick:imagemagick:6.0.3
  • ImageMagick 6.0.4
    cpe:2.3:a:imagemagick:imagemagick:6.0.4
  • ImageMagick 6.0.4.4
    cpe:2.3:a:imagemagick:imagemagick:6.0.4.4
  • ImageMagick 6.0.5
    cpe:2.3:a:imagemagick:imagemagick:6.0.5
  • ImageMagick 6.0.6
    cpe:2.3:a:imagemagick:imagemagick:6.0.6
  • ImageMagick 6.0.6.2
    cpe:2.3:a:imagemagick:imagemagick:6.0.6.2
  • ImageMagick 6.0.7
    cpe:2.3:a:imagemagick:imagemagick:6.0.7
  • ImageMagick 6.0.8
    cpe:2.3:a:imagemagick:imagemagick:6.0.8
  • ImageMagick 6.1
    cpe:2.3:a:imagemagick:imagemagick:6.1
  • ImageMagick 6.1.1
    cpe:2.3:a:imagemagick:imagemagick:6.1.1
  • ImageMagick 6.1.2
    cpe:2.3:a:imagemagick:imagemagick:6.1.2
  • ImageMagick 6.1.3
    cpe:2.3:a:imagemagick:imagemagick:6.1.3
  • ImageMagick 6.1.4
    cpe:2.3:a:imagemagick:imagemagick:6.1.4
  • ImageMagick 6.1.5
    cpe:2.3:a:imagemagick:imagemagick:6.1.5
  • ImageMagick 6.1.6
    cpe:2.3:a:imagemagick:imagemagick:6.1.6
  • ImageMagick 6.1.7
    cpe:2.3:a:imagemagick:imagemagick:6.1.7
  • ImageMagick 6.1.8
    cpe:2.3:a:imagemagick:imagemagick:6.1.8
  • ImageMagick 6.2
    cpe:2.3:a:imagemagick:imagemagick:6.2
  • ImageMagick 6.2.0.3
    cpe:2.3:a:imagemagick:imagemagick:6.2.0.3
  • ImageMagick 6.2.0.7
    cpe:2.3:a:imagemagick:imagemagick:6.2.0.7
  • ImageMagick 6.2.1
    cpe:2.3:a:imagemagick:imagemagick:6.2.1
  • ImageMagick 6.2.2
    cpe:2.3:a:imagemagick:imagemagick:6.2.2
  • ImageMagick 6.2.3
    cpe:2.3:a:imagemagick:imagemagick:6.2.3
  • ImageMagick 6.2.3.4
    cpe:2.3:a:imagemagick:imagemagick:6.2.3.4
  • ImageMagick 6.2.4
    cpe:2.3:a:imagemagick:imagemagick:6.2.4
  • ImageMagick 6.2.4.3
    cpe:2.3:a:imagemagick:imagemagick:6.2.4.3
  • ImageMagick 6.2.4.5
    cpe:2.3:a:imagemagick:imagemagick:6.2.4.5
  • ImageMagick 6.2.5
    cpe:2.3:a:imagemagick:imagemagick:6.2.5
  • ImageMagick 6.2.6
    cpe:2.3:a:imagemagick:imagemagick:6.2.6
  • ImageMagick 6.2.7
    cpe:2.3:a:imagemagick:imagemagick:6.2.7
  • ImageMagick 6.2.8
    cpe:2.3:a:imagemagick:imagemagick:6.2.8
  • ImageMagick 6.2.9
    cpe:2.3:a:imagemagick:imagemagick:6.2.9
  • ImageMagick 6.2.9.2
    cpe:2.3:a:imagemagick:imagemagick:6.2.9.2
  • ImageMagick 6.3.1
    cpe:2.3:a:imagemagick:imagemagick:6.3.1
  • ImageMagick 6.3.2
    cpe:2.3:a:imagemagick:imagemagick:6.3.2
  • ImageMagick ImageMagick 6.3.3_3
    cpe:2.3:a:imagemagick:imagemagick:6.3.3_3
  • ImageMagick ImageMagick 6.3.3_5
    cpe:2.3:a:imagemagick:imagemagick:6.3.3_5
  • ImageMagick ImageMagick 6.3.3_6
    cpe:2.3:a:imagemagick:imagemagick:6.3.3_6
  • ImageMagick 6.3.4
    cpe:2.3:a:imagemagick:imagemagick:6.3.4
CVSS
Base: 4.3 (as of 25-09-2007 - 09:36)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-523-1.NASL
    description Multiple vulnerabilities were found in the image decoders of ImageMagick. If a user or automated system were tricked into processing a malicious DCM, DIB, XBM, XCF, or XWD image, a remote attacker could execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 28128
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28128
    title Ubuntu 6.06 LTS / 6.10 / 7.04 : imagemagick vulnerabilities (USN-523-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0145.NASL
    description Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux versions 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim's machine. (CVE-2007-1797) Several denial of service flaws were found in ImageMagick's parsing of XCF and DCM files. Attempting to process a specially crafted input file in these formats could cause ImageMagick to enter an infinite loop. (CVE-2007-4985) Several integer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM, DIB, XBM, XCF or XWD file, an attacker could potentially execute arbitrary code with the privileges of the user running ImageMagick. (CVE-2007-4986) An integer overflow flaw was found in ImageMagick's DIB parsing code. If a victim opened a specially crafted DIB file, an attacker could potentially execute arbitrary code with the privileges of the user running ImageMagick. (CVE-2007-4988) A heap-based buffer overflow flaw was found in the way ImageMagick parsed XCF files. If a specially crafted XCF image was opened, ImageMagick could be made to overwrite heap memory beyond the bounds of its allocated memory. This could, potentially, allow an attacker to execute arbitrary code on the machine running ImageMagick. (CVE-2008-1096) A heap-based buffer overflow flaw was found in ImageMagick's processing of certain malformed PCX images. If a victim opened a specially crafted PCX file, an attacker could possibly execute arbitrary code on the victim's machine. (CVE-2008-1097) All users of ImageMagick should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 31984
    published 2008-04-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31984
    title RHEL 3 / 4 / 5 : ImageMagick (RHSA-2008:0145)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1903.NASL
    description Several vulnerabilities have been discovered in graphicsmagick, a collection of image processing tool, which can lead to the execution of arbitrary code, exposure of sensitive information or cause DoS. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1667 Multiple integer overflows in XInitImage function in xwd.c for GraphicsMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-1797 Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted DCM image, or the colors or comments field in a crafted XWD image. It only affects the oldstable distribution (etch). - CVE-2007-4985 A crafted image file can trigger an infinite loop in the ReadDCMImage function or in the ReadXCFImage function. It only affects the oldstable distribution (etch). - CVE-2007-4986 Multiple integer overflows allow context-dependent attackers to execute arbitrary code via a crafted .dcm, .dib, .xbm, .xcf, or .xwd image file, which triggers a heap-based buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-4988 A sign extension error allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow. It affects only the oldstable distribution (etch). - CVE-2008-1096 The load_tile function in the XCF coder allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write. It affects only oldstable (etch). - CVE-2008-3134 Multiple vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via vectors in the AVI, AVS, DCM, EPT, FITS, MTV, PALM, RLA, and TGA decoder readers; and the GetImageCharacteristics function in magick/image.c, as reachable from a crafted PNG, JPEG, BMP, or TIFF file. - CVE-2008-6070 Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image. - CVE-2008-6071 Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. - CVE-2008-6072 Multiple vulnerabilities in GraphicsMagick allow remote attackers to cause a denial of service (crash) via vectors in XCF and CINEON images. - CVE-2008-6621 Vulnerability in GraphicsMagick allows remote attackers to cause a denial of service (crash) via vectors in DPX images. - CVE-2009-1882 Integer overflow allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 44768
    published 2010-02-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44768
    title Debian DSA-1903-1 : graphicsmagick - several vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_GRAPHICSMAGICK-4539.NASL
    description This update of GraphicsMagick fixes several vulnerabilities. - CVE-2007-4985: infinite loop while parsing images - CVE-2007-4986: integer overflows that can lead to code execution - CVE-2007-4987: one-byte buffer overflow that can lead to code execution - CVE-2007-4988: integer overflows that can lead to code execution
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 27603
    published 2007-11-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27603
    title openSUSE 10 Security Update : GraphicsMagick (GraphicsMagick-4539)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200710-27.NASL
    description The remote host is affected by the vulnerability described in GLSA-200710-27 (ImageMagick: Multiple vulnerabilities) regenrecht reported multiple infinite loops in functions ReadDCMImage() and ReadXCFImage() (CVE-2007-4985), multiple integer overflows when handling certain types of images (CVE-2007-4986, CVE-2007-4988), and an off-by-one error in the ReadBlobString() function (CVE-2007-4987). Impact : A remote attacker could entice a user to open a specially crafted image, possibly resulting in the remote execution of arbitrary code with the privileges of the user running the application, or an excessive CPU consumption. Note that applications relying on ImageMagick to process images can also trigger the vulnerability. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 27559
    published 2007-10-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27559
    title GLSA-200710-27 : ImageMagick: Multiple vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0165.NASL
    description Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux version 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim's machine. (CVE-2007-1797) Several denial of service flaws were found in ImageMagick's parsing of XCF and DCM files. Attempting to process a specially crafted input file in these formats could cause ImageMagick to enter an infinite loop. (CVE-2007-4985) Several integer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM, DIB, XBM, XCF or XWD file, an attacker could potentially execute arbitrary code with the privileges of the user running ImageMagick. (CVE-2007-4986) A heap-based buffer overflow flaw was found in ImageMagick's processing of certain malformed PCX images. If a victim opened a specially crafted PCX file, an attacker could possibly execute arbitrary code with the privileges of the user running ImageMagick.. (CVE-2008-1097) All users of ImageMagick should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 31985
    published 2008-04-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31985
    title RHEL 2.1 : ImageMagick (RHSA-2008:0165)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_IMAGEMAGICK-4541.NASL
    description This update of ImageMagick fixes several vulnerabilities. - infinite loop while parsing images. (CVE-2007-4985) - integer overflows that can lead to code execution. (CVE-2007-4986) - one-byte buffer overflow that can lead to code execution (SLES8- and SLES9-based products are not affected). (CVE-2007-4987) - integer overflows that can lead to code execution. (CVE-2007-4988)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 29353
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29353
    title SuSE 10 Security Update : ImageMagick (ZYPP Patch Number 4541)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080416_IMAGEMAGICK_ON_SL3_X.NASL
    description Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim's machine. (CVE-2007-1797) Several denial of service flaws were found in ImageMagick's parsing of XCF and DCM files. Attempting to process a specially crafted input file in these formats could cause ImageMagick to enter an infinite loop. (CVE-2007-4985) Several integer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM, DIB, XBM, XCF or XWD file, an attacker could potentially execute arbitrary code with the privileges of the user running ImageMagick. (CVE-2007-4986) An integer overflow flaw was found in ImageMagick's DIB parsing code. If a victim opened a specially crafted DIB file, an attacker could potentially execute arbitrary code with the privileges of the user running ImageMagick. (CVE-2007-4988) A heap-based buffer overflow flaw was found in the way ImageMagick parsed XCF files. If a specially crafted XCF image was opened, ImageMagick could be made to overwrite heap memory beyond the bounds of its allocated memory. This could, potentially, allow an attacker to execute arbitrary code on the machine running ImageMagick. (CVE-2008-1096) A heap-based buffer overflow flaw was found in ImageMagick's processing of certain malformed PCX images. If a victim opened a specially crafted PCX file, an attacker could possibly execute arbitrary code on the victim's machine. (CVE-2008-1097)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60382
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60382
    title Scientific Linux Security Update : ImageMagick on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1858.NASL
    description Several vulnerabilities have been discovered in the imagemagick image manipulation programs which can lead to the execution of arbitrary code, exposure of sensitive information or cause DoS. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1667 Multiple integer overflows in XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-1797 Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted DCM image, or the colors or comments field in a crafted XWD image. It only affects the oldstable distribution (etch). - CVE-2007-4985 A crafted image file can trigger an infinite loop in the ReadDCMImage function or in the ReadXCFImage function. It only affects the oldstable distribution (etch). - CVE-2007-4986 Multiple integer overflows allow context-dependent attackers to execute arbitrary code via a crafted .dcm, .dib, .xbm, .xcf, or .xwd image file, which triggers a heap-based buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-4987 Off-by-one error allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address. It affects only the oldstable distribution (etch). - CVE-2007-4988 A sign extension error allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow. It affects only the oldstable distribution (etch). - CVE-2008-1096 The load_tile function in the XCF coder allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write. It affects only to oldstable (etch). - CVE-2008-1097 Heap-based buffer overflow in the PCX coder allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption. It affects only to oldstable (etch). - CVE-2009-1882 Integer overflow allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 44723
    published 2010-02-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44723
    title Debian DSA-1858-1 : imagemagick - multiple vulnerabilities
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_F5B29EC071F911DC8C6A00304881AC9A.NASL
    description Multiple vulnerabilities have been discovered in ImageMagick. ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls. Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow. Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address. Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 26978
    published 2007-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26978
    title FreeBSD : ImageMagick -- multiple vulnerabilities (f5b29ec0-71f9-11dc-8c6a-00304881ac9a)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0145.NASL
    description Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux versions 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim's machine. (CVE-2007-1797) Several denial of service flaws were found in ImageMagick's parsing of XCF and DCM files. Attempting to process a specially crafted input file in these formats could cause ImageMagick to enter an infinite loop. (CVE-2007-4985) Several integer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM, DIB, XBM, XCF or XWD file, an attacker could potentially execute arbitrary code with the privileges of the user running ImageMagick. (CVE-2007-4986) An integer overflow flaw was found in ImageMagick's DIB parsing code. If a victim opened a specially crafted DIB file, an attacker could potentially execute arbitrary code with the privileges of the user running ImageMagick. (CVE-2007-4988) A heap-based buffer overflow flaw was found in the way ImageMagick parsed XCF files. If a specially crafted XCF image was opened, ImageMagick could be made to overwrite heap memory beyond the bounds of its allocated memory. This could, potentially, allow an attacker to execute arbitrary code on the machine running ImageMagick. (CVE-2008-1096) A heap-based buffer overflow flaw was found in ImageMagick's processing of certain malformed PCX images. If a victim opened a specially crafted PCX file, an attacker could possibly execute arbitrary code on the victim's machine. (CVE-2008-1097) All users of ImageMagick should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 31995
    published 2008-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31995
    title CentOS 3 / 4 / 5 : ImageMagick (CESA-2008:0145)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-035.NASL
    description Multiple vulnerabilities were discovered in the image decoders of ImageMagick. If a user or automated system were tricked into processing malicious DCM, DIB, XBM, XCF, or XWD images, a remote attacker could execute arbitrary code with user privileges. The updated packages have been patched to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 37331
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37331
    title Mandriva Linux Security Advisory : ImageMagick (MDVSA-2008:035)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0145.NASL
    description From Red Hat Security Advisory 2008:0145 : Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux versions 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim's machine. (CVE-2007-1797) Several denial of service flaws were found in ImageMagick's parsing of XCF and DCM files. Attempting to process a specially crafted input file in these formats could cause ImageMagick to enter an infinite loop. (CVE-2007-4985) Several integer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM, DIB, XBM, XCF or XWD file, an attacker could potentially execute arbitrary code with the privileges of the user running ImageMagick. (CVE-2007-4986) An integer overflow flaw was found in ImageMagick's DIB parsing code. If a victim opened a specially crafted DIB file, an attacker could potentially execute arbitrary code with the privileges of the user running ImageMagick. (CVE-2007-4988) A heap-based buffer overflow flaw was found in the way ImageMagick parsed XCF files. If a specially crafted XCF image was opened, ImageMagick could be made to overwrite heap memory beyond the bounds of its allocated memory. This could, potentially, allow an attacker to execute arbitrary code on the machine running ImageMagick. (CVE-2008-1096) A heap-based buffer overflow flaw was found in ImageMagick's processing of certain malformed PCX images. If a victim opened a specially crafted PCX file, an attacker could possibly execute arbitrary code on the victim's machine. (CVE-2008-1097) All users of ImageMagick should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67656
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67656
    title Oracle Linux 3 / 4 / 5 : ImageMagick (ELSA-2008-0145)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_IMAGEMAGICK-4543.NASL
    description This update of ImageMagick fixes several vulnerabilities. - CVE-2007-4985: infinite loop while parsing images - CVE-2007-4986: integer overflows that can lead to code execution - CVE-2007-4987: one-byte buffer overflow that can lead to code execution (SLES8- and SLES9-based products are not affected) - CVE-2007-4988: integer overflows that can lead to code execution
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27604
    published 2007-11-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27604
    title openSUSE 10 Security Update : ImageMagick (ImageMagick-4543)
oval via4
accepted 2013-04-29T04:09:30.112-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.
family unix
id oval:org.mitre.oval:def:10869
status accepted
submitted 2010-07-09T03:56:16-04:00
title ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.
version 24
redhat via4
advisories
  • rhsa
    id RHSA-2008:0145
  • rhsa
    id RHSA-2008:0165
rpms
  • ImageMagick-0:5.5.6-28
  • ImageMagick-c++-0:5.5.6-28
  • ImageMagick-c++-devel-0:5.5.6-28
  • ImageMagick-devel-0:5.5.6-28
  • ImageMagick-perl-0:5.5.6-28
  • ImageMagick-0:6.0.7.1-17.el4_6.1
  • ImageMagick-c++-0:6.0.7.1-17.el4_6.1
  • ImageMagick-c++-devel-0:6.0.7.1-17.el4_6.1
  • ImageMagick-devel-0:6.0.7.1-17.el4_6.1
  • ImageMagick-perl-0:6.0.7.1-17.el4_6.1
  • ImageMagick-0:6.2.8.0-4.el5_1.1
  • ImageMagick-c++-0:6.2.8.0-4.el5_1.1
  • ImageMagick-c++-devel-0:6.2.8.0-4.el5_1.1
  • ImageMagick-devel-0:6.2.8.0-4.el5_1.1
  • ImageMagick-perl-0:6.2.8.0-4.el5_1.1
refmap via4
bid 25764
bugtraq 20071112 FLEA-2007-0066-1 ImageMagick
confirm
debian DSA-1858
gentoo GLSA-200710-27
idefense 20070919 Multiple Vendor ImageMagick Multiple Denial of Service Vulnerabilities
mandriva MDVSA-2008:035
mlist [Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates
sectrack 1018729
secunia
  • 26926
  • 27048
  • 27309
  • 27364
  • 27439
  • 28721
  • 29786
  • 29857
  • 36260
suse SUSE-SR:2007:023
ubuntu USN-523-1
vupen ADV-2007-3245
xf imagemagick-readdcmimage-readxcfimage-dos(36740)
Last major update 07-03-2011 - 21:59
Published 24-09-2007 - 18:17
Last modified 15-10-2018 - 17:39
Back to Top