Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0005

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0005
Last Modified 21 Aug 2010 12:25:20
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0005

Summary

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.

Vulnerable Systems

Operating System

  • Debian Linux 3.0

  • Gentoo Linux 0.5

  • Gentoo Linux 0.7

  • Gentoo Linux 1.1a

  • Gentoo Linux 1.2

  • Gentoo Linux 1.4

  • Suse Linux 8.0

  • Suse Linux 8.1

  • Suse Linux 8.2

  • Suse Linux 9.0

  • Suse Linux 9.1

  • Suse Linux 9.2

Application

  • Graphicsmagick 1.0

  • Graphicsmagick 1.0.6

  • Graphicsmagick 1.1

  • Graphicsmagick 1.1.3

  • Graphicsmagick 1.1.4

  • Imagemagick 5.3.3

  • Imagemagick 5.4.3

  • Imagemagick 5.4.7

  • Imagemagick 6.0

  • Imagemagick 6.0.1

  • Imagemagick 6.0.2

  • Imagemagick 6.0.2.5

  • Imagemagick 6.0.3

  • Imagemagick 6.0.4

  • Imagemagick 6.0.5

  • Imagemagick 6.0.6

  • Imagemagick 6.0.7

  • Imagemagick 6.0.8

  • Imagemagick 6.1

  • Imagemagick 6.1.1.6

  • Imagemagick 6.1.2

  • Imagemagick 6.1.3

  • Imagemagick 6.1.4

  • Imagemagick 6.1.5

  • Imagemagick 6.1.6

  • Imagemagick 6.1.7

  • Imagemagick 6.2

  • Imagemagick 6.2.0.4

  • Imagemagick 6.2.0.7

  • Sgi Propack 3.0


References

REDHAT - RHSA-2005:071

DEBIAN - DSA-646

IDEFENSE - 20050117 Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability

GENTOO - GLSA-200501-37

BUGTRAQ - 20050118 [USN-62-1] imagemagick vulnerability

REDHAT - RHSA-2005:070


Last Updated: 27 May 2016 10:39:38