Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0981

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0981
Last Modified 21 Aug 2010 12:21:35
Published 09 Feb 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0981

Summary

Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.

Vulnerable Systems

Operating System

  • Debian Linux 3.0

  • Gentoo Linux

  • Suse Linux 8.0

  • Suse Linux 8.1

  • Suse Linux 8.2

  • Suse Linux 9.0

  • Suse Linux 9.1

  • Suse Linux 9.2

Application

  • Imagemagick 5.3.3

  • Imagemagick 5.4.3

  • Imagemagick 5.4.4.5

  • Imagemagick 5.4.7

  • Imagemagick 5.4.8

  • Imagemagick 5.4.8.2.1.1.0

  • Imagemagick 5.5.3.2.1.2.0

  • Imagemagick 5.5.6.0 2003-04-09

  • Imagemagick 5.5.7

  • Imagemagick 6.0

  • Imagemagick 6.0.1

  • Imagemagick 6.0.3

  • Imagemagick 6.0.4

  • Imagemagick 6.0.5

  • Imagemagick 6.0.6

  • Imagemagick 6.0.7

  • Imagemagick 6.0.8


References

XF - imagemagick-exif-image-bo(17903)

BID - 11548

CONFIRM - http://www.imagemagick.org/www/Changelog.html

GENTOO - GLSA-200411-11

SECUNIA - 12995

UBUNTU - USN-7-1


Last Updated: 27 May 2016 10:38:50