CVE-2008-1097 (retired)

Priority
Description
Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in
coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick
(aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of
service (crash) or possibly execute arbitrary code via a crafted .pcx file
that triggers incorrect memory allocation for the scanline array, leading
to memory corruption.
Notes
 jdstrand> tried the reproducer in the bug reports, and imagemagick not
  affected. Debian report says amd64 should be affected (but can't reproduce)
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Patches:
Vendor:https://rhn.redhat.com/errata/RHSA-2008-0145.html
More Information

Updated: 2019-09-19 15:11:26 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)