CVE-2006-4144
Published 2006-08-15
CVE-2006-4144: Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and…
Priority: P4 · 29 · low · CVSS 2.0: 2.6
Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 10.21% (95.1th percentile)
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.
Affected
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | graphicsmagick | < graphicsmagick 1.1.7-7 (bookworm) | graphicsmagick 1.1.7-7 (bookworm) |
| debian | imagemagick | < graphicsmagick 1.1.7-7 (bookworm) | graphicsmagick 1.1.7-7 (bookworm) |
| graphicsmagick | graphicsmagick | >= 0 < 1.1.7-7 | 1.1.7-7 |
| imagemagick | imagemagick | — | — |
CVSS provenance
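| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 2.6 | LOW | AV:N/AC:H/Au:N/C:N/I:N/A:P |
| osv | — | 2.6 | LOW | — |
| vendor_debian | — | 2.6 | MEDIUM | — |
| vendor_redhat | — | 2.6 | LOW | — |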
GHSA
GHSA-468h-chpc-m7c8: Integer overflow in the ReadSGIImage function in sgi
ghsa_unreviewed·2022-05-03
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.
OSV
CVE-2006-4144: Integer overflow in the ReadSGIImage function in sgi
osv·2006-08-15·CVSS 2.6
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.
Ubuntu
imagemagick vulnerability
vendor_ubuntu·2006-08-17
Title: imagemagick vulnerability
Summary: imagemagick vulnerability
Damian Put discovered a buffer overflow in imagemagick's SGI file format decoder. By tricking a user or automated system into processing a specially crafted SGI image, this could be exploited to execute arbitrary code with the user's privileges.
Instructions: After a standard system upgrade you need to reboot your computer to effect the necessary changes.
Red Hat
security flaw
vendor_redhat·2006-08-14·CVSS 2.6
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.
Statement: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Debian
CVE-2006-4144: graphicsmagick - Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2...
vendor_debian·2006·CVSS 2.6
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 1.1.7-7)
bullseye: resolved (fixed in 1.1.7-7)
forky: resolved (fixed in 1.1.7-7)
sid: resolved (fixed in 1.1.7-7)
trixie: resolved (fixed in 1.1.7-7)
No detection rules found.
Bugzilla
CVE-2006-4144 security flaw
bugzilla·2018-08-16·CVSS 2.6
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.
---
Statement:
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Bugzilla
CVE-2006-0082 ImageMagick format string vulnerability. Also CVE-2005-4601, CVE-2006-2440, CVE-2006-3743, CVE-2006-3744, CVE-2006-4144.
bugzilla·2006-01-04·CVSS 7.5
ImageMagick format string vulnerability.
The fix for CVE-2005-0397 is incomplete. As the Debian bug suggests, by running a command such as:

    convert file.jpg file%d%n.jpg

A segfault will result in ImageMagick.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876
Discussion:
From User-Agent: XML-RPC
ImageMagick-6.2.2.0-3.fc4.1 has been pushed for FC4, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.
---
I see updates have been released for FC4 - any chance to get the fixes applied to FC3 as well? I know it has been transferred to legacy - however security-support
Published: 2006-08-15