6.8

CVE-2008-1097

Exploit
Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ImagemagickGraphicsmagick Version1.1.7
ImagemagickGraphicsmagick Version1.1.8
ImagemagickGraphicsmagick Version1.1.9
ImagemagickGraphicsmagick Version1.1.10
ImagemagickGraphicsmagick Version1.1.11
ImagemagickGraphicsmagick Version1.1.12
ImagemagickImagemagick Version6.2.8.0
ImagemagickImagemagick Version6.2.8.1
ImagemagickImagemagick Version6.2.8.2
ImagemagickImagemagick Version6.2.8.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.48% 0.902
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
http://secunia.com/advisories/30967
http://secunia.com/advisories/36260
http://www.debian.org/security/2009/dsa-1858
http://secunia.com/advisories/29786
http://secunia.com/advisories/29857
http://www.redhat.com/support/errata/RHSA-2008-0145.html
http://www.redhat.com/support/errata/RHSA-2008-0165.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:099
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413034
http://osvdb.org/43213
http://secunia.com/advisories/55721
http://security.gentoo.org/glsa/glsa-201311-10.xml
http://www.securityfocus.com/bid/28822
http://www.securitytracker.com/id?1019881
https://bugzilla.redhat.com/show_bug.cgi?id=285861
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/41193
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11237