
CVE-2004-0827

Published: 16/09/2004 Updated: 11/10/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple buffer overflows in the ImageMagick graphics library 5.x prior to 5.4.4, and 6.x prior to 6.0.6.2, allow remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

Vulnerable Product

enlightenment imlib 1.9.8

enlightenment imlib2 1.1.1

enlightenment imlib 1.9.3

enlightenment imlib2 1.0

imagemagick imagemagick 5.4.3

conectiva linux 9.0

imagemagick imagemagick 6.0.2

enlightenment imlib 1.9.13

imagemagick imagemagick 5.4.8

enlightenment imlib 1.9.7

enlightenment imlib 1.9.1

enlightenment imlib2 1.0.5

imagemagick imagemagick 5.4.8.2.1.1.0

enlightenment imlib 1.9.10

enlightenment imlib 1.9.4

imagemagick imagemagick 5.5.3.2.1.2.0

imagemagick imagemagick 5.4.7

enlightenment imlib 1.9.2

sun java desktop system 2003

enlightenment imlib2 1.0.2

imagemagick imagemagick 5.4.4.5

enlightenment imlib 1.9.11

imagemagick imagemagick 5.5.6.0 2003-04-09

sun java desktop system 2.0

enlightenment imlib2 1.1

enlightenment imlib 1.9.12

enlightenment imlib 1.9.9

imagemagick imagemagick 5.3.3

enlightenment imlib2 1.0.3

enlightenment imlib2 1.0.4

enlightenment imlib 1.9.5

enlightenment imlib 1.9.6

conectiva linux 10.0

enlightenment imlib 1.9

enlightenment imlib 1.9.14

enlightenment imlib2 1.0.1

imagemagick imagemagick 5.5.7

redhat enterprise linux 2.1

redhat fedora core core 2.0

mandrakesoft mandrake linux corporate server 2.1

suse suse linux 9.2

redhat enterprise linux desktop 3.0

suse suse linux 9.0

ubuntu ubuntu linux 4.1

redhat linux advanced workstation 2.1

suse suse linux 8.2

redhat enterprise linux 3.0

mandrakesoft mandrake linux 9.2

turbolinux turbolinux desktop 10.0

redhat fedora core core 1.0

suse suse linux 8.0

suse suse linux 9.1

turbolinux turbolinux workstation 7.0

turbolinux turbolinux server 7.0

turbolinux turbolinux server 8.0

mandrakesoft mandrake linux 10.0

redhat fedora core core 3.0

turbolinux turbolinux workstation 8.0

suse suse linux 8.1

Vendor Advisories

Markus Meissner discovered several potential buffer overflows in some image decoding functions of ImageMagick. Decoding a malicious BMP or DIB image or AVI video might result in execution of arbitrary code with the user’s privileges ...
Synopsis: ImageMagick security update. Type/Severity: Security Advisory: Important. Topic: Updated ImageMagick packages that fix a BMP loader vulnerability are now available. Description: ImageMagick(TM) is an image display and manipulation tool for the X Window System. A heap overflow flaw has been ...
Synopsis: ImageMagick security update. Type/Severity: Security Advisory: Important. Topic: Updated ImageMagick packages that fix a buffer overflow are now available. Description: ImageMagick(TM) is an image display and manipulation tool for the X Window System. A buffer overflow flaw was discover ...
Synopsis: ImageMagick security update. Type/Severity: Security Advisory: Important. Topic: Updated ImageMagick packages that fix various security vulnerabilities are now available. Description: ImageMagick(TM) is an image display and manipulation tool for the X Window System. A heap overflow flaw wa ...
Marcus Meissner from SUSE has discovered several buffer overflows in the ImageMagick graphics library. An attacker could create a malicious image or video file in AVI, BMP, or DIB format that could crash the reading process. It might be possible that carefully crafted images could also allow to execute arbitrary code with the capabilities of the in ...