CVE-2008-1097 – Memory corruption in ImageMagick's PCX coder
https://notcve.org/view.php?id=CVE-2008-1097
Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption. Desbordamiento de búfer basado en montículo en la función ReadPCXImage del codificador PCX de coders/pcx.c en (1) ImageMagick 6.2.4-5 y 6.2.8-0 y (2) GraphicsMagick (también conocido como gm) 1.1.7 permite a atacantes remotos con la complicidad del usuario provocar una denegación de servicio (caída) o posiblemente ejecutar código de su elección a través del fichero .pcx que dispara una asignación incorrecta de memoria para el array scanline, provocando corrupción de memoria. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413034 http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html http://osvdb.org/43213 http://secunia.com/advisories/29786 http://secunia.com/advisories/29857 http://secunia.com/advisories/30967 http://secunia.com/advisories/36260 http://secunia.com/advisories/55721 http://security.gentoo.org/glsa/glsa-201311-10.xml http://www.debian.org/security/2009/dsa-1858 http://www.mandriva.com/security/advisories?n • CWE-399: Resource Management Errors •
CVE-2006-5456 – Overflows in GraphicsMagick and ImageMagick's DCM and PALM handling routines
https://notcve.org/view.php?id=CVE-2006-5456
Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. Múltiples desbordamientos de búfer en GraphicsMagick anterior a 1.1.7 e ImageMagick 6.0.7 permiten a atacantes con intervención del usuario provocar una denegación de servicio y posiblemente ejecutar código de su elección mediante (1) una imagen DCM que no es manejada adecuadamente por la función ReadDCMImage en coders/dcm.c, o (2) una imagen PALM que no es manejada adecuadamente por la función ReadPALMImage en coders/palm.c. • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9 http://secunia.com/advisories/22569 http://secunia.com/advisories/22572 http://secunia.com/advisories/22601 http://secunia.com/advisories/22604 http://secunia.com/advisories/22819 http://secunia.com/advisories/22834 http://secunia.com/advisories/22998 http://secunia.com/advisories/23090 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2005-1739
https://notcve.org/view.php?id=CVE-2005-1739
The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask. • http://bugs.gentoo.org/show_bug.cgi?id=90423 http://secunia.com/advisories/15429 http://secunia.com/advisories/15446 http://secunia.com/advisories/15453 http://security.gentoo.org/glsa/glsa-200505-16.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:107 http://www.osvdb.org/16774 http://www.osvdb.org/16775 http://www.redhat.com/support/errata/RHSA-2005-480.html http://www.securityfocus.com/bid/13705 https://oval.cisecurity.org/repository/search/defini •
CVE-2005-1275 – ImageMagick 6.x - '.PNM' Image Decoding Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-1275
Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value. • https://www.exploit-db.com/exploits/25527 http://bugs.gentoo.org/show_bug.cgi?id=90423 http://seclists.org/lists/bugtraq/2005/Apr/0407.html http://www.imagemagick.org/script/changelog.php http://www.mandriva.com/security/advisories?name=MDKSA-2005:107 http://www.overflow.pl/adv/imheapoverflow.txt http://www.redhat.com/support/errata/RHSA-2005-413.html http://www.securityfocus.com/bid/13351 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3 •
CVE-2005-0005
https://notcve.org/view.php?id=CVE-2005-0005
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. • http://marc.info/?l=bugtraq&m=110608222117215&w=2 http://www.debian.org/security/2005/dsa-646 http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities http://www.redhat.com/support/errata/RHSA-2005-070.html http://www.redhat.com/support/errata/RHSA-2005-071.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925 https://access.redhat.com/security/cve/CVE-2 •