Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-1096HistoryMar 05, 2008 - 8:44 p.m.
CVE-2008-1096
2008-03-0520:44:00
Debian Security Bug Tracker
security-tracker.debian.org
19
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.043
Percentile
92.5%
The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | graphicsmagick | <Β 1.1.11-3.2 | graphicsmagick_1.1.11-3.2_all.deb |
| Debian | 11 | all | graphicsmagick | <Β 1.1.11-3.2 | graphicsmagick_1.1.11-3.2_all.deb |
| Debian | 999 | all | graphicsmagick | <Β 1.1.11-3.2 | graphicsmagick_1.1.11-3.2_all.deb |
| Debian | 13 | all | graphicsmagick | <Β 1.1.11-3.2 | graphicsmagick_1.1.11-3.2_all.deb |
| Debian | 12 | all | imagemagick | <Β 7:6.3.7.9.dfsg1-2.1 | imagemagick_7:6.3.7.9.dfsg1-2.1_all.deb |
| Debian | 11 | all | imagemagick | <Β 7:6.3.7.9.dfsg1-2.1 | imagemagick_7:6.3.7.9.dfsg1-2.1_all.deb |
| Debian | 999 | all | imagemagick | <Β 7:6.3.7.9.dfsg1-2.1 | imagemagick_7:6.3.7.9.dfsg1-2.1_all.deb |
| Debian | 13 | all | imagemagick | <Β 7:6.3.7.9.dfsg1-2.1 | imagemagick_7:6.3.7.9.dfsg1-2.1_all.deb |
Related
openvas
openvas
Ubuntu Update for imagemagick vulnerability USN-681-1
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-681-1)
2009-03-23 00:00:00
Mandriva Update for ImageMagick MDVSA-2008:099 (ImageMagick)
2009-04-09 00:00:00
cvelist
cvelist
CVE-2008-1096
2008-03-05 20:00:00
prion
prion
Heap overflow
2008-03-05 20:44:00
cve
cve
CVE-2008-1096
2008-03-05 20:44:00
nessus
nessus
Ubuntu 6.06 LTS / 7.10 : imagemagick vulnerability (USN-681-1)
2009-04-23 00:00:00
Mandriva Linux Security Advisory : ImageMagick (MDVSA-2008:099)
2009-04-23 00:00:00
openSUSE 10 Security Update : GraphicsMagick (GraphicsMagick-5276)
2008-07-02 00:00:00
ubuntu
ubuntu
ImageMagick vulnerability
2008-12-01 00:00:00
ubuntucve
ubuntucve
CVE-2008-1096
2008-03-05 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:20:13
nvd
nvd
CVE-2008-1096
2008-03-05 20:44:00
seebug
seebug
ImageMagick XCFεPCXζδ»Άε€ηε ζΊ’εΊζΌζ΄
2008-04-19 00:00:00
oraclelinux
oraclelinux
ImageMagick security and bug fix update
2012-03-01 00:00:00
ImageMagick security update
2008-04-17 00:00:00
centos
centos
ImageMagick security update
2008-04-17 15:52:20
redhat
redhat
(RHSA-2008:0145) Moderate: ImageMagick security update
2008-04-16 00:00:00
debian
debian
osv
osv
imagemagick - several vulnerabilities
2009-08-10 00:00:00
graphicsmagick - several
2009-10-07 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.043
Percentile
92.5%
Related for DEBIANCVE:CVE-2008-1096