CVE-2007-0770

2007-02-1220:28:00

mitre

web.nvd.nist.gov

graphicsmagick

imagemagick

buffer overflow

remote attackers

denial of service

arbitrary code execution

palm image

readpalmimage

cve-2007-0770

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.049

Percentile

92.9%

JSON

Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456.

Affected configurations

Nvd

Node

graphicsmagickgraphicsmagick

imagemagickimagemagickMatch6.3.3.4

VendorProductVersionCPE
graphicsmagickgraphicsmagick*cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*
imagemagickimagemagick6.3.3.4cpe:2.3:a:imagemagick:imagemagick:6.3.3.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
graphicsmagick	graphicsmagick	*	cpe:2.3:a:graphicsmagick:graphicsmagick::::::::
imagemagick	imagemagick	6.3.3.4	cpe:2.3:a:imagemagick:imagemagick:6.3.3.4:::::::*