CVSS2
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile: 92.5%
The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick
6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote
attackers to cause a denial of service (crash) or possibly execute
arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap
write, possibly related to the ScaleCharToQuantum function.
Author | Note |
---|---|
jdstrand | Debian and Redhat bugs have test cases |
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
ubuntu | 9.04 | noarch | graphicsmagick | < 1.1.11-3.2+lenny1build0.9.04.1 | UNKNOWN |
ubuntu | 9.10 | noarch | graphicsmagick | < 1.3.5-5.1 | UNKNOWN |
ubuntu | 10.04 | noarch | graphicsmagick | < 1.3.5-5.1 | UNKNOWN |
ubuntu | 10.10 | noarch | graphicsmagick | < 1.3.5-5.1 | UNKNOWN |
ubuntu | 11.04 | noarch | graphicsmagick | < 1.3.5-5.1 | UNKNOWN |
ubuntu | 11.10 | noarch | graphicsmagick | < 1.3.5-5.1 | UNKNOWN |
ubuntu | 6.06 | noarch | imagemagick | < 6:6.2.4.5-0.6ubuntu0.8 | UNKNOWN |
ubuntu | 7.10 | noarch | imagemagick | < 7:6.2.4.5.dfsg1-2ubuntu1.1 | UNKNOWN |