CVE-2008-1096 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Graphicsmagick

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents7 sources

Severity

6.8MEDIUMNVD

EPSS

10.8%

top 6.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Graphicsmagick Imagemagick Debian Graphicsmagick +2 more

Timeline

PublishedMar 5

Latest updateMay 1

Description

The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages6 packages

▶NVDimagemagick/graphicsmagick6 versions+5

▶debiandebian/imagemagick< graphicsmagick 1.1.11-3.2 (bookworm)

▶debiandebian/graphicsmagick< graphicsmagick 1.1.11-3.2 (bookworm)

▶Debianimagemagick/imagemagick< 7:6.3.7.9.dfsg1-2.1+3

▶Debiangraphicsmagick/graphicsmagick< 1.1.11-3.2+3

🔴Vulnerability Details

GHSA

GHSA-q243-329x-qc2r: The load_tile function in the XCF coder in coders/xcf↗2022-05-01

▶

OSV

CVE-2008-1096: The load_tile function in the XCF coder in coders/xcf↗2008-03-05

▶

📋Vendor Advisories

Ubuntu

ImageMagick vulnerability↗2008-12-01

▶

Debian

CVE-2008-1096: graphicsmagick - The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8...↗2008

▶

Red Hat

Out of bound write in ImageMagick's XCF coder↗2007-03-11

▶

💬Community

Bugzilla

CVE-2008-1096 Out of bound write in ImageMagick's XCF coder↗2007-09-11

▶