CVE-2008-3134

Sažetak

Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.

Reference

http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html
http://secunia.com/advisories/30879
http://secunia.com/advisories/32151
http://sourceforge.net/forum/forum.php?forum_id=841176
http://sourceforge.net/project/shownotes.php?release_id=610253
http://www.securityfocus.com/bid/30055
http://www.securitytracker.com/id?1020413
http://www.vupen.com/english/advisories/2008/1984/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/43511
https://exchange.xforce.ibmcloud.com/vulnerabilities/43513

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

08-08-2017 - 01:31

Objavljeno

10-07-2008 - 23:41