Published: 02/05/2005 Updated: 11/10/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote malicious users to execute arbitrary code via a .PSD image file with a large number of layers.

Vulnerable Product	Search on Vulmon	Subscribe to Product
graphicsmagick graphicsmagick 1.1.3
graphicsmagick graphicsmagick 1.1.4
imagemagick imagemagick 6.0.2.5
imagemagick imagemagick 6.0.3
imagemagick imagemagick 6.1.1.6
imagemagick imagemagick 6.1.2
imagemagick imagemagick 6.2.0.7
sgi propack 3.0
graphicsmagick graphicsmagick 1.0.6
graphicsmagick graphicsmagick 1.1
imagemagick imagemagick 6.0.1
imagemagick imagemagick 6.0.2
imagemagick imagemagick 6.0.8
imagemagick imagemagick 6.1
imagemagick imagemagick 6.2
imagemagick imagemagick 6.2.0.4
graphicsmagick graphicsmagick 1.0
imagemagick imagemagick 5.4.7
imagemagick imagemagick 6.0
imagemagick imagemagick 6.0.6
imagemagick imagemagick 6.0.7
imagemagick imagemagick 6.1.6
imagemagick imagemagick 6.1.7
imagemagick imagemagick 5.3.3
imagemagick imagemagick 5.4.3
imagemagick imagemagick 6.0.4
imagemagick imagemagick 6.0.5
imagemagick imagemagick 6.1.3
imagemagick imagemagick 6.1.4
imagemagick imagemagick 6.1.5
debian debian linux 3.0
gentoo linux 1.1a
gentoo linux 1.2
gentoo linux 1.4
suse suse linux 8.2
suse suse linux 9.0
gentoo linux 0.5
gentoo linux 0.7
suse suse linux 8.0
suse suse linux 8.1
suse suse linux 9.2
suse suse linux 9.1

Andrei Nigmatulin discovered a potential buffer overflow in the PhotoShop Document image decoding function of ImageMagick Decoding a malicious PSD image which specifies more than the allowed 24 channels might result in execution of arbitrary code with the user’s privileges ...

Synopsis ImageMagick security update Type/Severity Security Advisory: Moderate Topic Updated ImageMagick packages that fix a heap based buffer overflow are nowavailableThis update has been rated as having moderate security impact by the RedHat Security Response Team Description ImageMagic ...

Synopsis ImageMagick security update Type/Severity Security Advisory: Moderate Topic Updated ImageMagick packages that fix a security flaw are now available forRed Hat Enterprise Linux 4This update has been rated as having moderate security impact by the Red HatSecurity Response Team Description ...

Andrei Nigmatulin discovered a buffer overflow in the PSD image-decoding module of ImageMagick, a commonly used image manipulation library Remote exploitation with a carefully crafted image could lead to the execution of arbitrary code For the stable distribution (woody) this problem has been fixed in version 5445-1woody5 For the unstable dis ...

NVD-CWE-Other http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities http://www.debian.org/security/2005/dsa-646 http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml http://www.redhat.com/support/errata/RHSA-2005-071.html http://www.redhat.com/support/errata/RHSA-2005-070.html http://marc.info/?l=bugtraq&m=110608222117215&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925 https://usn.ubuntu.com/62-1/https://nvd.nist.gov

CVE-2005-0005

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect