CVE-2007-0770 — Improper Restriction of Operations within the Bounds of a Memory Buffer in GraphicsMagick
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer
13 documents, 7 sources
Severity
9.3 CRITICAL (NVD)
OSV 5.1
EPSS
7.1%
top 8.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Feb 12
Latest update: May 17
Description
Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456.
CVSS vector
AV:N/AC:M/C:C/I:C/A:C
Exploitability: 8.6 | Impact: 10.0
Affected Packages: 6 packages
Vulnerability Details (4)
[GHSA] GHSA-vwj5-vw48-r26j: Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm | 2022-05-17
[GHSA] GHSA-94w9-jj9w-mx3v: Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary co | 2022-05-01
[OSV] CVE-2008-6070: Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm | 2009-02-10
[OSV] CVE-2007-0770: Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary co | 2007-02-12