CVE Vulnerabilities

CVE-2009-1882

Published: Jun 02, 2009 | Modified: Oct 10, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
6.8 MODERATE
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu
MEDIUM

Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of these details are obtained from third party information.

Affected Software

Name Vendor Start Version End Version
Imagemagick Imagemagick 6.5.2-8 (including) 6.5.2-8 (including)
Red Hat Enterprise Linux 4 RedHat ImageMagick-0:6.0.7.1-20.el4_8.1 *
Red Hat Enterprise Linux 5 RedHat ImageMagick-0:6.2.8.0-4.el5_5.2 *
Graphicsmagick Ubuntu hardy *
Graphicsmagick Ubuntu intrepid *
Graphicsmagick Ubuntu jaunty *
Graphicsmagick Ubuntu upstream *
Imagemagick Ubuntu dapper *
Imagemagick Ubuntu devel *
Imagemagick Ubuntu hardy *
Imagemagick Ubuntu intrepid *
Imagemagick Ubuntu jaunty *
Imagemagick Ubuntu karmic *
Imagemagick Ubuntu lucid *
Imagemagick Ubuntu maverick *
Imagemagick Ubuntu natty *
Imagemagick Ubuntu oneiric *

References