--%> SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)
[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2006-5456

Date: (C)2006-10-23   (M)2017-10-12
 
CVSS Score: 5.1Access Vector: NETWORK
Exploitability Subscore: 4.9Access Complexity: HIGH
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.

Reference:
http://www.securityfocus.com/archive/1/archive/1/452718/100/100/threaded
20070201-01-P
http://www.securityfocus.com/archive/1/archive/1/459507/100/0/threaded
BID-20707
SECUNIA-22569
SECUNIA-22572
SECUNIA-22601
SECUNIA-22604
SECUNIA-22819
SECUNIA-22834
SECUNIA-22998
SECUNIA-23090
SECUNIA-23121
SECUNIA-24186
SECUNIA-24196
SECUNIA-24284
SECUNIA-24458
OSVDB-29990
ADV-2006-4170
ADV-2006-4171
DSA-1213
GLSA-200611-07
GLSA-200611-19
MDKSA-2006:193
MDKSA-2007:041
RHSA-2007:0015
SSA:2007-066-06
SUSE-SA:2006:066
SUSE-SR:2007:003
USN-372-1
USN-422-1
http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921
https://issues.rpath.com/browse/RPL-1034
https://issues.rpath.com/browse/RPL-811
imagemagick-graphicsmagick-palm-bo(29816)

CPE    8
cpe:/a:imagemagick:imagemagick:6.0.7
cpe:/a:graphicsmagick:graphicsmagick:1.1.3
cpe:/a:graphicsmagick:graphicsmagick:1.1.4
cpe:/a:graphicsmagick:graphicsmagick:1.0.6
...
CWE    1
CWE-119

© 2013 SecPod Technologies