CVE-2006-5456 — Improper Restriction of Operations within the Bounds of a Memory Buffer in GraphicsMagick
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer
14 documents | 7 sources
Severity
9.3 CRITICAL (NVD)
NVD 5.1 | OSV 5.1
EPSS
0.9%
top 25.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Oct 23
Latest update: May 3
Description
Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.
CVSS vector
AV:N/AC:H/C:P/I:P/A:P
Exploitability: 4.9 | Impact: 6.4
Affected Packages: 6 packages
Patches
Vulnerability Details (4)
GHSA
GHSA-94w9-jj9w-mx3v: Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary co… (2022-05-01)
OSV
CVE-2007-0770: Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary co… (2007-02-12)