CVE-2008-1096
Published: 5 March 2008
The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function.
Notes
Author | Note |
---|---|
jdstrand | Debian and Redhat bugs have test cases |
Priority
Status
Package | Release | Status |
---|---|---|
graphicsmagick Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
edgy |
Ignored
(end of life, was needed)
|
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Ignored
(end of life, was needed)
|
|
jaunty |
Released
(1.1.11-3.2+lenny1build0.9.04.1)
|
|
karmic |
Released
(1.3.5-5.1)
|
|
lucid |
Released
(1.3.5-5.1)
|
|
maverick |
Released
(1.3.5-5.1)
|
|
natty |
Released
(1.3.5-5.1)
|
|
oneiric |
Released
(1.3.5-5.1)
|
|
upstream |
Released
(1.3.5-5.1)
|
|
imagemagick Launchpad, Ubuntu, Debian |
dapper |
Released
(6:6.2.4.5-0.6ubuntu0.8)
|
edgy |
Ignored
(end of life, was needed)
|
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Released
(7:6.2.4.5.dfsg1-2ubuntu1.1)
|
|
hardy |
Not vulnerable
(7:6.3.7.9.dfsg1-2ubuntu1)
|
|
intrepid |
Not vulnerable
(7:6.3.7.9.dfsg1-2ubuntu3)
|
|
jaunty |
Not vulnerable
(7:6.4.5.4.dfsg1-1ubuntu1)
|
|
karmic |
Not vulnerable
(7:6.4.5.4.dfsg1-1ubuntu1)
|
|
lucid |
Not vulnerable
(7:6.4.5.4.dfsg1-1ubuntu1)
|
|
maverick |
Not vulnerable
(7:6.4.5.4.dfsg1-1ubuntu1)
|
|
natty |
Not vulnerable
(7:6.4.5.4.dfsg1-1ubuntu1)
|
|
oneiric |
Not vulnerable
(7:6.4.5.4.dfsg1-1ubuntu1)
|
|
upstream |
Needs triage
|
|
Patches: vendor: https://rhn.redhat.com/errata/RHSA-2008-0145.html |