CVE-2005-1275
published 2005-04-25CVE-2005-1275: Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service…
PriorityP427medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
13.92%
96.1th percentile
Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.
Affected
34 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | imagemagick | < imagemagick 6:6.0.6.2-2.3 (bookworm) | imagemagick 6:6.0.6.2-2.3 (bookworm) |
| graphicsmagick | graphicsmagick | — | — |
| graphicsmagick | graphicsmagick | — | — |
| graphicsmagick | graphicsmagick | — | — |
| graphicsmagick | graphicsmagick | — | — |
| graphicsmagick | graphicsmagick | — | — |
| graphicsmagick | graphicsmagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
| imagemagick | imagemagick | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
ImageMagick vulnerabilities
vendor_ubuntu·2005-05-23
CVE-2005-1275 ImageMagick vulnerabilities
Title: ImageMagick vulnerabilities
Summary: ImageMagick vulnerabilities
Damian Put discovered a buffer overflow in the PNM image decoder.
Processing a specially crafted PNM file with a small "colors" value
resulted in a crash of the application that used the ImageMagick
library. (CAN-2005-1275)
Another Denial of Service vulnerability was found in the XWD decoder.
Specially crafted invalid color masks resulted in an infinite loop
which caused the application using the ImageMagick library to stop
working and use all available CPU resources.
(http://bugs.gentoo.org/show_bug.cgi?id=90423)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2005-04-24·CVSS 5.0
CVE-2005-1275 [MEDIUM] security flaw
security flaw
Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.
Debian
CVE-2005-1275: imagemagick - Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick...
vendor_debian·2005·CVSS 5.0
CVE-2005-1275 [MEDIUM] CVE-2005-1275: imagemagick - Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick...
Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.
Scope: local
bookworm: resolved (fixed in 6:6.0.6.2-2.3)
bullseye: resolved (fixed in 6:6.0.6.2-2.3)
forky: resolved (fixed in 6:6.0.6.2-2.3)
sid: resolved (fixed in 6:6.0.6.2-2.3)
trixie: resolved (fixed in 6:6.0.6.2-2.3)
GHSA
GHSA-rq7w-w76q-f932: Heap-based buffer overflow in the ReadPNMImage function in pnm
ghsa_unreviewed·2022-05-01
CVE-2005-1275 [MEDIUM] GHSA-rq7w-w76q-f932: Heap-based buffer overflow in the ReadPNMImage function in pnm
Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.
OSV
CVE-2005-1275: Heap-based buffer overflow in the ReadPNMImage function in pnm
osv·2005-04-25·CVSS 5.0
CVE-2005-1275 [MEDIUM] CVE-2005-1275: Heap-based buffer overflow in the ReadPNMImage function in pnm
Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.
No detection rules found.
http://bugs.gentoo.org/show_bug.cgi?id=90423http://seclists.org/lists/bugtraq/2005/Apr/0407.htmlhttp://www.imagemagick.org/script/changelog.phphttp://www.mandriva.com/security/advisories?name=MDKSA-2005:107http://www.overflow.pl/adv/imheapoverflow.txthttp://www.redhat.com/support/errata/RHSA-2005-413.htmlhttp://www.securityfocus.com/bid/13351https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10003https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A711http://bugs.gentoo.org/show_bug.cgi?id=90423http://seclists.org/lists/bugtraq/2005/Apr/0407.htmlhttp://www.imagemagick.org/script/changelog.phphttp://www.mandriva.com/security/advisories?name=MDKSA-2005:107http://www.overflow.pl/adv/imheapoverflow.txthttp://www.redhat.com/support/errata/RHSA-2005-413.htmlhttp://www.securityfocus.com/bid/13351https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10003https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A711
2005-04-25
Published