Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-5456

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-23 Oct, 2006 | 17:00
Updated At-07 Aug, 2024 | 19:48
Rejected At-
Credits

Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:23 Oct, 2006 | 17:00
Updated At:07 Aug, 2024 | 19:48
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/24196
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/4170
vdb-entry
x_refsource_VUPEN
http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9
x_refsource_CONFIRM
http://secunia.com/advisories/22572
third-party-advisory
x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200611-07.xml
vendor-advisory
x_refsource_GENTOO
http://secunia.com/advisories/22601
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/24458
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/452718/100/100/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/22834
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765
vdb-entry
signature
x_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/29816
vdb-entry
x_refsource_XF
http://secunia.com/advisories/23090
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/24284
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1034
x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html
vendor-advisory
x_refsource_SUSE
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092
vendor-advisory
x_refsource_SLACKWARE
http://secunia.com/advisories/22819
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/22604
third-party-advisory
x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_3_sr.html
vendor-advisory
x_refsource_SUSE
http://www.ubuntu.com/usn/usn-422-1
vendor-advisory
x_refsource_UBUNTU
http://www.securityfocus.com/archive/1/459507/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://security.gentoo.org/glsa/glsa-200611-19.xml
vendor-advisory
x_refsource_GENTOO
http://www.securityfocus.com/bid/20707
vdb-entry
x_refsource_BID
http://secunia.com/advisories/23121
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-811
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2007-0015.html
vendor-advisory
x_refsource_REDHAT
http://www.vupen.com/english/advisories/2006/4171
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/22998
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/24186
third-party-advisory
x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
vendor-advisory
x_refsource_SGI
http://www.debian.org/security/2006/dsa-1213
vendor-advisory
x_refsource_DEBIAN
http://www.osvdb.org/29990
vdb-entry
x_refsource_OSVDB
http://www.ubuntu.com/usn/usn-372-1
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/22569
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:193
vendor-advisory
x_refsource_MANDRIVA
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921
x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2007:041
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/24196
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2006/4170
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/22572
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://security.gentoo.org/glsa/glsa-200611-07.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/22601
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/24458
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/452718/100/100/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/22834
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/29816
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://secunia.com/advisories/23090
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/24284
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://issues.rpath.com/browse/RPL-1034
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092
Resource:
vendor-advisory
x_refsource_SLACKWARE
Hyperlink: http://secunia.com/advisories/22819
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/22604
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.novell.com/linux/security/advisories/2007_3_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.ubuntu.com/usn/usn-422-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.securityfocus.com/archive/1/459507/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://security.gentoo.org/glsa/glsa-200611-19.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.securityfocus.com/bid/20707
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/23121
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://issues.rpath.com/browse/RPL-811
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0015.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.vupen.com/english/advisories/2006/4171
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/22998
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/24186
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: http://www.debian.org/security/2006/dsa-1213
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.osvdb.org/29990
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.ubuntu.com/usn/usn-372-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/22569
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:193
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:041
Resource:
vendor-advisory
x_refsource_MANDRIVA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/24196
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2006/4170
vdb-entry
x_refsource_VUPEN
x_transferred
http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/22572
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://security.gentoo.org/glsa/glsa-200611-07.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://secunia.com/advisories/22601
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/24458
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/archive/1/452718/100/100/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/22834
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765
vdb-entry
signature
x_refsource_OVAL
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/29816
vdb-entry
x_refsource_XF
x_transferred
http://secunia.com/advisories/23090
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/24284
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://issues.rpath.com/browse/RPL-1034
x_refsource_CONFIRM
x_transferred
http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092
vendor-advisory
x_refsource_SLACKWARE
x_transferred
http://secunia.com/advisories/22819
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/22604
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.novell.com/linux/security/advisories/2007_3_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.ubuntu.com/usn/usn-422-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.securityfocus.com/archive/1/459507/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://security.gentoo.org/glsa/glsa-200611-19.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.securityfocus.com/bid/20707
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/23121
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://issues.rpath.com/browse/RPL-811
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2007-0015.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.vupen.com/english/advisories/2006/4171
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/22998
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/24186
third-party-advisory
x_refsource_SECUNIA
x_transferred
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
vendor-advisory
x_refsource_SGI
x_transferred
http://www.debian.org/security/2006/dsa-1213
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.osvdb.org/29990
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.ubuntu.com/usn/usn-372-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/22569
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:193
vendor-advisory
x_refsource_MANDRIVA
x_transferred
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921
x_refsource_CONFIRM
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:041
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/24196
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/4170
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/22572
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200611-07.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/22601
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/24458
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/452718/100/100/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/22834
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/29816
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://secunia.com/advisories/23090
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/24284
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-1034
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092
Resource:
vendor-advisory
x_refsource_SLACKWARE
x_transferred
Hyperlink: http://secunia.com/advisories/22819
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/22604
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2007_3_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-422-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/459507/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200611-19.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.securityfocus.com/bid/20707
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/23121
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-811
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0015.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/4171
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/22998
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/24186
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: http://www.debian.org/security/2006/dsa-1213
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.osvdb.org/29990
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-372-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/22569
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:193
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:041
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:23 Oct, 2006 | 17:07
Updated At:17 Oct, 2018 | 21:43

Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.1MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 5.1
Base severity: MEDIUM
Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P
CPE Matches
GraphicsMagick
graphicsmagick
>>graphicsmagick>>Versions up to 1.1.6(inclusive)
cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.0
cpe:2.3:a:graphicsmagick:graphicsmagick:1.0:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.0.6
cpe:2.3:a:graphicsmagick:graphicsmagick:1.0.6:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1.3
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.3:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1.4
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.4:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1.5
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.5:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.7
cpe:2.3:a:imagemagick:imagemagick:6.0.7:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

This vulnerability is addressed in the following product release: GraphicsMagick, GraphicsMagick, 1.1.7 Unable to identify a patch for ImageMagick.

Vendor Statements
Organization : Red Hat
Last Modified : 2007-03-14T00:00:00

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References
HyperlinkSourceResource
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.ascsecalert@redhat.com
N/A
http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9secalert@redhat.com
N/A
http://secunia.com/advisories/22569secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22572secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22601secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22604secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22819secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22834secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22998secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/23090secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/23121secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/24186secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/24196secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/24284secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/24458secalert@redhat.com
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200611-07.xmlsecalert@redhat.com
N/A
http://security.gentoo.org/glsa/glsa-200611-19.xmlsecalert@redhat.com
N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092secalert@redhat.com
N/A
http://www.debian.org/security/2006/dsa-1213secalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:193secalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:041secalert@redhat.com
N/A
http://www.novell.com/linux/security/advisories/2006_66_imagemagick.htmlsecalert@redhat.com
N/A
http://www.novell.com/linux/security/advisories/2007_3_sr.htmlsecalert@redhat.com
N/A
http://www.osvdb.org/29990secalert@redhat.com
N/A
http://www.redhat.com/support/errata/RHSA-2007-0015.htmlsecalert@redhat.com
Vendor Advisory
http://www.securityfocus.com/archive/1/452718/100/100/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/archive/1/459507/100/0/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/20707secalert@redhat.com
N/A
http://www.ubuntu.com/usn/usn-372-1secalert@redhat.com
N/A
http://www.ubuntu.com/usn/usn-422-1secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2006/4170secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4171secalert@redhat.com
Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921secalert@redhat.com
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/29816secalert@redhat.com
N/A
https://issues.rpath.com/browse/RPL-1034secalert@redhat.com
N/A
https://issues.rpath.com/browse/RPL-811secalert@redhat.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765secalert@redhat.com
N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/22569
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22572
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22601
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22604
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22819
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22834
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22998
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/23090
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/23121
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24186
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24196
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24284
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24458
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200611-07.xml
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200611-19.xml
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2006/dsa-1213
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:193
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:041
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_3_sr.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.osvdb.org/29990
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0015.html
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/452718/100/100/threaded
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/459507/100/0/threaded
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/20707
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/usn-372-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/usn-422-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/4170
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2006/4171
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/29816
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-1034
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-811
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765
Source: secalert@redhat.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

153Records found
CVE-2016-10059
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.00%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10067
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.09%
||
7 Day CHG~0.00%
Published-02 Mar, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10046
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 59.80%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10063
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.88% / 74.41%
||
7 Day CHG~0.00%
Published-02 Mar, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10056
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.32%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10055
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.20%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10049
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.36% / 57.53%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10050
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.

Action-Not Available
Vendor-n/aopenSUSEImageMagick Studio LLC
Product-leapimagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10052
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10064
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-02 Mar, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aopenSUSEImageMagick Studio LLC
Product-leapimagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10057
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.20%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10054
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.20%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-8957
Matching Score-6
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-6
Assigner-Debian GNU/Linux
CVSS Score-6.5||MEDIUM
EPSS-0.67% / 70.36%
||
7 Day CHG~0.00%
Published-20 Apr, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-8808
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.53% / 66.27%
||
7 Day CHG~0.00%
Published-13 Jul, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.

Action-Not Available
Vendor-n/aFedora ProjectGraphicsMagickSUSE
Product-studio_onsitefedoragraphicsmagicklinux_enterprise_debuginfolinux_enterprise_software_development_kitn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9845
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 60.93%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.

Action-Not Available
Vendor-n/aCanonical Ltd.SUSEopenSUSEImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitstudio_onsitesuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9833
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9834
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9840
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 59.01%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9843
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.09% / 77.00%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serversuse_linux_enterprise_software_development_kitleapimagemagickubuntu_linuxsuse_linux_enterprise_desktopopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9836
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 59.01%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9822
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.34%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9824
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.30% / 52.47%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9825
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.30% / 52.47%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9835
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9821
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.34%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9820
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.34%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9832
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.20% / 42.25%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9846
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.59% / 85.00%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.

Action-Not Available
Vendor-n/aCanonical Ltd.SUSEopenSUSEImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitstudio_onsitesuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9847
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.46% / 87.07%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitstudio_onsitesuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9817
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.34%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-6071
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-6.08% / 90.39%
||
7 Day CHG~0.00%
Published-06 Feb, 2009 | 01:00
Updated-07 Aug, 2024 | 11:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aGraphicsMagick
Product-graphicsmagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-6070
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-3.36% / 86.83%
||
7 Day CHG~0.00%
Published-06 Feb, 2009 | 01:00
Updated-07 Aug, 2024 | 11:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aGraphicsMagick
Product-graphicsmagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5511
Matching Score-6
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-6
Assigner-Debian GNU/Linux
CVSS Score-9.8||CRITICAL
EPSS-1.35% / 79.34%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.

Action-Not Available
Vendor-n/aDebian GNU/LinuxImageMagick Studio LLC
Product-debian_linuximagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-7275
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.19% / 40.76%
||
7 Day CHG~0.00%
Published-27 Mar, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-3438
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.14% / 77.51%
||
7 Day CHG~0.00%
Published-07 Aug, 2012 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.

Action-Not Available
Vendor-n/aGraphicsMagick
Product-graphicsmagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-1270
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.31%
||
7 Day CHG~0.00%
Published-28 Sep, 2022 | 00:00
Updated-21 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGraphicsMagick
Product-graphicsmagickdebian_linuxGraphicsMagick
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-16644
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 51.01%
||
7 Day CHG~0.00%
Published-06 Sep, 2018 | 22:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-8683
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.29% / 52.12%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

Action-Not Available
Vendor-n/aDebian GNU/LinuxGraphicsMagickopenSUSE
Product-debian_linuxopensusegraphicsmagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-2054
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.1||MEDIUM
EPSS-1.82% / 82.11%
||
7 Day CHG~0.00%
Published-09 Jul, 2013 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2053 and CVE-2013-2054.

Action-Not Available
Vendor-strongswann/a
Product-strongswann/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-2052
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.85% / 73.94%
||
7 Day CHG~0.00%
Published-09 Jul, 2013 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2053 and CVE-2013-2054.

Action-Not Available
Vendor-libreswann/a
Product-libreswann/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-4146
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-1.26% / 78.57%
||
7 Day CHG~0.00%
Published-31 Aug, 2006 | 22:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.

Action-Not Available
Vendor-n/aGNU
Product-gdbn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-4687
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.1||MEDIUM
EPSS-62.17% / 98.29%
||
7 Day CHG~0.00%
Published-14 Nov, 2006 | 21:00
Updated-07 Aug, 2024 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via crafted layout combinations involving DIV tags and HTML CSS float properties that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorerien/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-3582
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-9.03% / 92.29%
||
7 Day CHG~0.00%
Published-13 Jul, 2006 | 19:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via the size specified in the package header of (1) CFF, (2) MTK, (3) DMO, and (4) U6M files.

Action-Not Available
Vendor-audacious_media_player_teamn/a
Product-adplugn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-3600
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-6.10% / 90.41%
||
7 Day CHG~0.00%
Published-14 Jul, 2006 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp (TunePimp) 0.4.2 allow remote user-assisted attackers to cause a denial of service (application crash) and possibly execute code via a long (1) Album release date (MBE_ReleaseGetDate), (2) data, or (3) error strings.

Action-Not Available
Vendor-libtunepimpn/a
Product-libtunepimpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-4424
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.61% / 68.74%
||
7 Day CHG~0.00%
Published-09 Oct, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function.

Action-Not Available
Vendor-n/aGNU
Product-glibcn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-2200
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-5.1||MEDIUM
EPSS-3.55% / 87.22%
||
7 Day CHG~0.00%
Published-27 Jun, 2006 | 19:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and (b) xine-lib 1.1.0 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_utf16, (3) get_data, and (4) get_media_packet functions, and possibly other functions.

Action-Not Available
Vendor-mimmsxinen/a
Product-mimmsxine-libn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-2085
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-4.98% / 89.27%
||
7 Day CHG~0.00%
Published-29 Apr, 2006 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in SpeedProject Squeez 5.10 Build 4460, and SpeedCommander 10.52 Build 4450 and 11.01 Build 4450, allow user-assisted remote attackers to execute arbitrary code via an ACE archive that contains a file with a long filename.

Action-Not Available
Vendor-speedprojectn/a
Product-speedcommandersqueezn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-1454
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-24.61% / 95.91%
||
7 Day CHG~0.00%
Published-12 May, 2006 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data.

Action-Not Available
Vendor-n/aApple Inc.
Product-quicktimen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-1453
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-24.61% / 95.91%
||
7 Day CHG~0.00%
Published-12 May, 2006 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information.

Action-Not Available
Vendor-n/aApple Inc.
Product-quicktimen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-1463
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-13.10% / 93.84%
||
7 Day CHG~0.00%
Published-12 May, 2006 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 (M4V) video format file with a certain modified size value.

Action-Not Available
Vendor-n/aApple Inc.
Product-quicktimen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found