Debian Imagemagick vulnerabilities
727 known vulnerabilities affecting debian/imagemagick.
Total CVEs: 727
CISA KEV: 3 (actively exploited)
Public exploits: 12
Exploited in wild: 3
Severity breakdown: CRITICAL 24, HIGH 138, MEDIUM 255, LOW 310
Vulnerabilities
CVE-2007-4985 | MEDIUM | CVSS 4.3 | fixed in graphicsmagick 1.1.11-1 (bookworm) | 2007
CVE-2007-4985 [MEDIUM] CVE-2007-4985: graphicsmagick - ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial ...
ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.
Scope: local
bookworm: resolved (fixed in 1
debian
CVE-2007-1797 | MEDIUM | CVSS 9.3 | fixed in graphicsmagick 1.1.7-15 (bookworm) | 2007
CVE-2007-1797 [CRITICAL] CVE-2007-1797: graphicsmagick - Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers ...
Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues t
debian
CVE-2007-1667 | MEDIUM | CVSS 9.3 | fixed in graphicsmagick 1.1.7-14 (bookworm) | 2007
CVE-2007-1667 [CRITICAL] CVE-2007-1667: graphicsmagick - Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org li...
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.
Scope: local
bookwo
debian
CVE-2007-4986 | MEDIUM | CVSS 6.8 | fixed in graphicsmagick 1.1.11-1 (bookworm) | 2007
CVE-2007-4986 [MEDIUM] CVE-2007-4986: graphicsmagick - Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent...
Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 1.1.11-1)
bullseye: resolved (fixed in 1.1.11-1)
forky: resolved (fixed in 1.1.
debian
CVE-2007-4988 | MEDIUM | CVSS 7.8 | fixed in graphicsmagick 1.1.11-1 (bookworm) | 2007
CVE-2007-4988 [HIGH] CVE-2007-4988: graphicsmagick - Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 ...
Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 1.1.11-1)
bullseye: resolved (fixed in 1.1.11-1)
forky: resolved (f
debian
CVE-2007-0770 | MEDIUM | CVSS 5.1 | fixed in graphicsmagick 1.1.7-12 (bookworm) | 2007
CVE-2007-0770 [MEDIUM] CVE-2007-0770: graphicsmagick - Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote at...
Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456.
Scope: local
bookworm: resolved (fixed in 1.1.7-
debian
CVE-2006-5868 | CRITICAL | CVSS 9.3 | fixed in imagemagick 7:6.2.4.5.dfsg1-0.11 (bookworm) | 2006
CVE-2006-5868 [CRITICAL] CVE-2006-5868: imagemagick - Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2....
Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.
Scope: local
bookworm: resolved (fixed in 7:6.2.4.5.dfsg1-0.11)
bullseye: resolved (fixed in 7:6.2.4.5.dfsg1-0.11)
forky: resolved (fixed in 7:6.2.4.5.dfsg1-0.11)
sid: resolved (fixed in 7:6.2.4.5.dfs
debian
CVE-2006-2440 | HIGH | CVSS 7.5 | fixed in imagemagick 6:6.2.4.5-0.6 (bookworm) | 2006
CVE-2006-2440 [HIGH] CVE-2006-2440: imagemagick - Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 mig...
Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function.
Scope: local
bookworm: resolved (fixed in 6:6.2.4.5-0.6)
bullseye: resolved (fixed in 6:6.2.4.5-0.6)
forky: resolved (fixed i
debian
CVE-2006-0082 | HIGH | CVSS 7.5 | fixed in imagemagick 6:6.2.4.5-0.6 (bookworm) | 2006
CVE-2006-0082 [HIGH] CVE-2006-0082: imagemagick - Format string vulnerability in the SetImageInfo function in image.c for ImageMag...
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert
debian
CVE-2006-5456 | MEDIUM | CVSS 5.1 | fixed in graphicsmagick 1.1.7-9 (bookworm) | 2006
CVE-2006-5456 [MEDIUM] CVE-2006-5456: graphicsmagick - Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 a...
Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/pal
debian
CVE-2006-3744 | MEDIUM | CVSS 5.1 | fixed in graphicsmagick 1.1.7-7 (bookworm) | 2006
CVE-2006-3744 [MEDIUM] CVE-2006-3744: graphicsmagick - Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted atta...
Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.
Scope: local
bookworm: resolved (fixed in 1.1.7-7)
bullseye: resolved (fixed in 1.1.7-7)
forky: resolved (fixed in 1.1.7-7)
sid: resolved (fixed in 1.1.7-7)
trixie:
debian
CVE-2006-3743 | MEDIUM | CVSS 5.1 | fixed in graphicsmagick 1.1.7-8 (bookworm) | 2006
CVE-2006-3743 [MEDIUM] CVE-2006-3743: graphicsmagick - Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attack...
Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images.
Scope: local
bookworm: resolved (fixed in 1.1.7-8)
bullseye: resolved (fixed in 1.1.7-8)
forky: resolved (fixed in 1.1.7-8)
sid: resolved (fixed in 1.1.7-8)
trixie: resolved (fixed in 1.1.7-8)
debian
CVE-2006-4144 | MEDIUM | CVSS 2.6 | PoC | fixed in graphicsmagick 1.1.7-7 (bookworm) | 2006
CVE-2006-4144 [LOW] CVE-2006-4144: graphicsmagick - Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2...
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 1.1.7-7)
bullseye: resolve
debian
CVE-2005-0762 | HIGH | CVSS 7.5 | fixed in imagemagick 5:6.0.0-1 (bookworm) | 2005
CVE-2005-0762 [HIGH] CVE-2005-0762: imagemagick - Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows re...
Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file.
Scope: local
bookworm: resolved (fixed in 5:6.0.0-1)
bullseye: resolved (fixed in 5:6.0.0-1)
forky: resolved (fixed in 5:6.0.0-1)
sid: resolved (fixed in 5:6.0.0-1)
trixie: resolved (fixed in 5:6.0.0-1)
debian
CVE-2005-4601 | HIGH | CVSS 7.5 | fixed in graphicsmagick 1.1.7-1 (bookworm) | 2005
CVE-2005-4601 [HIGH] CVE-2005-4601: graphicsmagick - The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute ...
The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.
Scope: local
bookworm: resolved (fixed in 1.1.7-1)
bullseye: resolved (fixed in 1.1.7-1)
forky: resolved (fixed in 1.1.7-1)
sid: resolved (fixed in 1.1.7-1)
trixie: resolved (fixed in
debian
CVE-2005-0397 | HIGH | CVSS 7.5 | fixed in graphicsmagick 1.1.7-1 (bookworm) | 2005
CVE-2005-0397 [HIGH] CVE-2005-0397: graphicsmagick - Format string vulnerability in the SetImageInfo function in image.c for ImageMag...
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications.
Scope: local
bookworm: resolved (fixed in
debian
CVE-2005-0005 | HIGH | CVSS 7.5 | fixed in imagemagick 6:6.0.6.2-2.1 (bookworm) | 2005
CVE-2005-0005 [HIGH] CVE-2005-0005: imagemagick - Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly e...
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
Scope: local
bookworm: resolved (fixed in 6:6.0.6.2-2.1)
bullseye: resolved (fixed in 6:6.0.6.2-2.1)
forky: resolved (fixed in 6:6.0.6.2-2.1)
sid: resolved (fixed in 6
debian
CVE-2005-0759 | MEDIUM | CVSS 5.0 | fixed in imagemagick 5:6.0.0-1 (bookworm) | 2005
CVE-2005-0759 [MEDIUM] CVE-2005-0759: imagemagick - ImageMagick before 6.0 allows remote attackers to cause a denial of service (app...
ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag.
Scope: local
bookworm: resolved (fixed in 5:6.0.0-1)
bullseye: resolved (fixed in 5:6.0.0-1)
forky: resolved (fixed in 5:6.0.0-1)
sid: resolved (fixed in 5:6.0.0-1)
trixie: resolved (fixed in 5:6.0.0-1)
debian
CVE-2005-1275 | MEDIUM | CVSS 5.0 | PoC | fixed in imagemagick 6:6.0.6.2-2.3 (bookworm) | 2005
CVE-2005-1275 [MEDIUM] CVE-2005-1275: imagemagick - Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick...
Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.
Scope: local
bookworm: resolved (fixed in 6:6.0.6.2-2.3)
bullseye: resolved (fixed in 6:6.0.6.2-2.3)
forky: resolved (fixed in 6:6.0.6.2-2.3)
sid: res
debian
CVE-2005-0760 | MEDIUM | CVSS 5.0 | fixed in imagemagick 5:6.0.0-1 (bookworm) | 2005
CVE-2005-0760 [MEDIUM] CVE-2005-0760: imagemagick - The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a de...
The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.
Scope: local
bookworm: resolved (fixed in 5:6.0.0-1)
bullseye: resolved (fixed in 5:6.0.0-1)
forky: resolved (fixed in 5:6.0.0-1)
sid: resolved (fixed in 5:6.0.0-1)
trixie: resolved (fixed in 5:6.0.0-1)
debian