CVE-2006-5456
Date: (C)2006-10-23   (M)2023-12-22


Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.

CVSS Score and Metrics

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://www.securityfocus.com/archive/1/archive/1/452718/100/100/threaded
20070201-01-P
http://www.securityfocus.com/archive/1/archive/1/459507/100/0/threaded
BID-20707
SECUNIA-22569
SECUNIA-22572
SECUNIA-22601
SECUNIA-22604
SECUNIA-22819
SECUNIA-22834
SECUNIA-22998
SECUNIA-23090
SECUNIA-23121
SECUNIA-24186
SECUNIA-24196
SECUNIA-24284
SECUNIA-24458
OSVDB-29990
ADV-2006-4170
ADV-2006-4171
DSA-1213
GLSA-200611-07
GLSA-200611-19
MDKSA-2006:193
MDKSA-2007:041
RHSA-2007:0015
SSA:2007-066-06
SUSE-SA:2006:066
SUSE-SR:2007:003
USN-372-1
USN-422-1
http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921
https://issues.rpath.com/browse/RPL-1034
https://issues.rpath.com/browse/RPL-811
imagemagick-graphicsmagick-palm-bo(29816)

CPE    8
cpe:/a:imagemagick:imagemagick:6.0.7
cpe:/a:graphicsmagick:graphicsmagick:1.1.3
cpe:/a:graphicsmagick:graphicsmagick:1.1.4
cpe:/a:graphicsmagick:graphicsmagick:1.0.6
...
CWE    1
CWE-119

© SecPod Technologies