PT-2006-6174 · Imagemagick+2 · Imagemagick+2

Lubomir Kundrak

Publicado

2006-10-23

Atualizado

2024-06-15

CVE-2006-5456

CVSS v2.0

5.1

Média

Vetor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions GraphicsMagick versions prior to 1.1.7 ImageMagick versions prior to 6.0.7

Description The issue is related to multiple buffer overflows that can be triggered by user-assisted attacks, potentially leading to a denial of service and possibly the execution of arbitrary code. This can occur through the processing of certain image types, specifically DCM images handled by the ReadDCMImage function in coders/dcm.c, or PALM images handled by the ReadPALMImage function in coders/palm.c.

Recommendations For GraphicsMagick versions prior to 1.1.7, update to version 1.1.7 or later. For ImageMagick versions prior to 6.0.7, update to version 6.0.7 or later.

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2006-5456

DSA-1213

OPENSUSE-SU-2024:10596-1

OPENSUSE-SU-2024:10597-1

RHSA-2007:0015

RHSA-2007_0015

Produtos afetados

Graphicsmagick

Imagemagick

Red Hat

PT-2006-6174 · Imagemagick+2 · Imagemagick+2

CVE-2006-5456

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 68