Back to search
CVE-2008-1096
Published: Mar 5, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
imagemagick-loadtile-code-execution(41194)
vdb-entry
x_refsource_XF
32945
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0145
vendor-advisory
x_refsource_REDHAT
28821
vdb-entry
x_refsource_BID
43212
vdb-entry
x_refsource_OSVDB
29786
third-party-advisory
x_refsource_SECUNIA
30967
third-party-advisory
x_refsource_SECUNIA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414370
x_refsource_MISC
SUSE-SR:2008:014
vendor-advisory
x_refsource_SUSE
MDVSA-2008:099
vendor-advisory
x_refsource_MANDRIVA
1019880
vdb-entry
x_refsource_SECTRACK
DSA-1858
vendor-advisory
x_refsource_DEBIAN
https://bugzilla.redhat.com/show_bug.cgi?id=286411
x_refsource_MISC
oval:org.mitre.oval:def:10843
vdb-entry
signature
x_refsource_OVAL
USN-681-1
vendor-advisory
x_refsource_UBUNTU
36260
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now