CVE-2004-0981 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Imagemagick

9 documents8 sources

Severity

10.0CRITICALNVD

EPSS

7.2%

top 8.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Graphicsmagick Imagemagick Debian Linux +1 more

Timeline

PublishedFeb 9

Latest updateApr 29

Description

Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages4 packages

▶Debianimagemagick/imagemagick< 6:6.0.6.2-1.5+3

▶NVDimagemagick/imagemagick17 versions+16

▶Debiangraphicsmagick/graphicsmagick< 1.1.7-1+3

▶NVDsuse/suse_linux6 versions+5

Also affects: Debian Linux 3.0

🔴Vulnerability Details

GHSA

GHSA-j36p-8jhh-296q: Buffer overflow in the EXIF parsing routine in ImageMagick before 6↗2022-04-29

▶

OSV

CVE-2004-0981: Buffer overflow in the EXIF parsing routine in ImageMagick before 6↗2005-02-09

▶

CVEList

CVE-2004-0981: Buffer overflow in the EXIF parsing routine in ImageMagick before 6↗2004-11-19

▶

📋Vendor Advisories

Ubuntu

XML library vulnerabilities↗2004-10-30

▶

Ubuntu

imagemagick vulnerability↗2004-10-27

▶

Red Hat

security flaw↗2004-10-06

▶

Debian

CVE-2004-0981: graphicsmagick - Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows r...↗2004

▶

💬Community

Bugzilla

CVE-2004-0981 security flaw↗2018-08-16

▶