CVE-2008-1097
Memory corruption in ImageMagick's PCX coder
Public Exploits: 1
Exploited in Wild: -
Descriptions
Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2008-02-28 CVE Reserved
- 2008-03-05 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-10-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-399: Resource Management Errors
CAPEC
References (19)
URL | Tag | Source |
---|---|---|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413034 | X_refsource_confirm | |
http://osvdb.org/43213 | Vdb Entry | |
http://secunia.com/advisories/29786 | Third Party Advisory | |
http://secunia.com/advisories/29857 | Third Party Advisory | |
http://secunia.com/advisories/30967 | Third Party Advisory | |
http://secunia.com/advisories/36260 | Third Party Advisory | |
http://secunia.com/advisories/55721 | Third Party Advisory | |
http://www.securityfocus.com/bid/28822 | Vdb Entry | |
http://www.securitytracker.com/id?1019881 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/41193 | Vdb Entry | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11237 | Signature | |
URL | Date | SRC |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=285861 | 2024-08-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Imagemagick | Graphicsmagick | 1.1.7 | - | Affected |
Imagemagick | Graphicsmagick | 1.1.8 | - | Affected |
Imagemagick | Graphicsmagick | 1.1.9 | - | Affected |
Imagemagick | Graphicsmagick | 1.1.10 | - | Affected |
Imagemagick | Graphicsmagick | 1.1.11 | - | Affected |
Imagemagick | Graphicsmagick | 1.1.12 | - | Affected |
Imagemagick | Imagemagick | 6.2.8.0 | - | Affected |
Imagemagick | Imagemagick | 6.2.8.1 | - | Affected |
Imagemagick | Imagemagick | 6.2.8.2 | - | Affected |
Imagemagick | Imagemagick | 6.2.8.3 | - | Affected |