Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2013-4298

Published: 10/09/2013 Updated: 18/09/2013
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Imagemagick

Vulnerability Summary

The ReadGIFImage function in coders/gif.c in ImageMagick prior to 6.7.8-8 allows remote malicious users to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image.

Vulnerable Product Search on Vulmon Subscribe to Product

imagemagick imagemagick 6.7.8-5

imagemagick imagemagick 6.7.8-4

imagemagick imagemagick

imagemagick imagemagick 6.7.8-6

imagemagick imagemagick 6.7.8-1

imagemagick imagemagick 6.7.8-0

imagemagick imagemagick 6.7.8-3

imagemagick imagemagick 6.7.8-2

Vendor Advisories

Debian CVElist Bug Report Logs: imagemagick: CVE-2013-4298: DoS: Memory corruption while processing GIF comments
Debian Bug report logs - #721273 imagemagick: CVE-2013-4298: DoS: Memory corruption while processing GIF comments Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Bastien R ...
Ubuntu Security Notice: imagemagick vulnerability
ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file ...
Debian Security Advisories: DSA-2750-1 imagemagick -- buffer overflow
Anton Kortunov reported a heap corruption in ImageMagick, a program collection and library for converting and manipulating image files Crafted GIF files could cause ImageMagick to crash, potentially leading to arbitrary code execution The oldstable distribution (squeeze) is not affected by this problem For the stable distribution (wheezy), this ...
Red Hat: CVE-2013-4298
The ReadGIFImage function in coders/gifc in ImageMagick before 678-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image ...

References

CWE-119https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1218248http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=23921http://secunia.com/advisories/54671http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721273http://www.imagemagick.org/script/changelog.phphttp://secunia.com/advisories/54581http://www.debian.org/security/2013/dsa-2750http://www.ubuntu.com/usn/USN-1949-1https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721273https://usn.ubuntu.com/1949-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2013-4298
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook