CVE-2008-1097

Loading...

General

Score:6.8/10.0
Severity:Medium
Category:Resource Management Error

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2007-1797, CVE-2007-4985, CVE-2007-4986, CVE-2007-4988, CVE-2008-1096, CVE-2009-1882, CVE-2010-4167

Published on 05/03/08 - Updated on 29/09/17

Description

Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption.

Category: Resource Management Error

CWE-399 (Resource Management Errors)
Weaknesses in this category are related to improper management of system resources.

Security Notices

US National Vulnerability DatabaseCVE-2008-1097
CentOS CESA-2008:0145
Oracle Linux ELSA-2012-0301
Redhat RHSA-2008:0145

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
imagemagickgraphicsmagick
imagemagickimagemagick

Share this vulnerability with:

Twitter Facebook LinkedIn Mail