5

CVE-2008-3134

Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GraphicsmagickGraphicsmagick Version1.0.4
GraphicsmagickGraphicsmagick Version1.0.6
GraphicsmagickGraphicsmagick Version1.1.3
GraphicsmagickGraphicsmagick Version1.1.4
GraphicsmagickGraphicsmagick Version1.1.5
GraphicsmagickGraphicsmagick Version1.1.6
GraphicsmagickGraphicsmagick Version1.1.8
GraphicsmagickGraphicsmagick Version1.1.9
GraphicsmagickGraphicsmagick Version1.1.10
GraphicsmagickGraphicsmagick Version1.1.11
GraphicsmagickGraphicsmagick Version1.1.12
GraphicsmagickGraphicsmagick Version1.2.18
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.13% 0.795
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html
http://secunia.com/advisories/32151
http://secunia.com/advisories/30879
Vendor Advisory
http://sourceforge.net/forum/forum.php?forum_id=841176
http://sourceforge.net/project/shownotes.php?release_id=610253
http://www.securityfocus.com/bid/30055
http://www.securitytracker.com/id?1020413
http://www.vupen.com/english/advisories/2008/1984/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/43511
https://exchange.xforce.ibmcloud.com/vulnerabilities/43513