Vulnerabilities > CVE-2006-3743 - Unspecified vulnerability in Imagemagick

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
imagemagick
nessus

Summary

Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images.

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-155.NASL
    descriptionMultiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. (CVE-2006-3743) Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun bitmap images that trigger heap-based buffer overflows. (CVE-2006-3744) Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow. (CVE-2006-4144) The updated packages have been patched to correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id23899
    published2006-12-16
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23899
    titleMandrake Linux Security Advisory : ImageMagick (MDKSA-2006:155)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_IMAGEMAGICK-2006.NASL
    descriptionSeveral security problems have been fixed in ImageMagick : - CVE-2006-3744: Several heap buffer overflow were found in the Sun Bitmap decoder of ImageMagick by an audit by the Google Security Team. This problem could be exploited by an attacker to execute code. - CVE-2006-3743: Multiple buffer overflows were found in the XCF handling due to incorrect bounds checking by the Google Security Team. This problem could be exploited by an attacker to execute code. - CVE-2006-4144: A integer overflow in the ReadSGIImage function can be used by attackers to potentially execute code. - An infinite loop in ImageMagick caused by TransformHSB was fixed. - An infinite loop in handling of TIFF images was fixed.
    last seen2020-06-01
    modified2020-06-02
    plugin id27104
    published2007-10-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27104
    titleopenSUSE 10 Security Update : ImageMagick (ImageMagick-2006)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2006-929.NASL
    descriptionImageMagick(TM) is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Tavis Ormandy discovered several integer and buffer overflow flaws in the way ImageMagick decodes XCF, SGI, and Sun bitmap graphic files. An attacker could execute arbitrary code on a victim
    last seen2020-06-01
    modified2020-06-02
    plugin id24172
    published2007-01-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24172
    titleFedora Core 5 : ImageMagick-6.2.5.4-4.2.1.fc5.4 (2006-929)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1168.NASL
    descriptionSeveral remote vulnerabilities have been discovered in Imagemagick, a collection of image manipulation tools, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-2440 Eero Hakkinen discovered that the display tool allocates insufficient memory for globbing patterns, which might lead to a buffer overflow. - CVE-2006-3743 Tavis Ormandy from the Google Security Team discovered that the Sun bitmap decoder performs insufficient input sanitising, which might lead to buffer overflows and the execution of arbitrary code. - CVE-2006-3744 Tavis Ormandy from the Google Security Team discovered that the XCF image decoder performs insufficient input sanitising, which might lead to buffer overflows and the execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id22710
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22710
    titleDebian DSA-1168-1 : imagemagick - several vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_IMAGEMAGICK-2048.NASL
    descriptionSeveral security problems have been fixed in ImageMagick : - Several heap buffer overflow were found in the Sun Bitmap decoder of ImageMagick by an audit by the Google Security Team. This problem could be exploited by an attacker to execute code. (CVE-2006-3744) - Multiple buffer overflows were found in the XCF plugin due to incorrect bounds checking by the Google Security Team. This problem could be exploited by an attacker to execute code. (CVE-2006-3743) - A integer overflow in the ReadSGIImage function can be used by attackers to potentially execute code. (CVE-2006-4144) - An infinite loop in ImageMagick caused by TransformHSB was fixed. - An infinite loop in handling of TIFF images was fixed.
    last seen2020-06-01
    modified2020-06-02
    plugin id29347
    published2007-12-13
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29347
    titleSuSE 10 Security Update : ImageMagick (ZYPP Patch Number 2048)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2006-0633.NASL
    descriptionUpdated ImageMagick packages that fix several security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick(TM) is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Tavis Ormandy discovered several integer and buffer overflow flaws in the way ImageMagick decodes XCF, SGI, and Sun bitmap graphic files. An attacker could execute arbitrary code on a victim
    last seen2020-06-01
    modified2020-06-02
    plugin id22292
    published2006-08-30
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22292
    titleRHEL 2.1 / 3 / 4 : ImageMagick (RHSA-2006:0633)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2007-414.NASL
    description - Thu Apr 5 2007 Norm Murray <nmurray at redhat.com> 6.2.5.4-4.2.1.fc5.8 - more overflows (#235075, CVE-2007-1797) - Fri Sep 22 2006 Norm Murray <nmurray at redhat.com> 6.2.5.4-4.2.1.fc5.7 - more overflows (#210921 CVE-2006-5456) - Fri Sep 22 2006 Norm Murray <nmurray at redhat.com> 6.2.5.4-4.2.1.fc5.6 - fix ImageMagick-perl building (#203975) - Thu Sep 7 2006 Norm Murray <nmurray at redhat.com> - 6.2.5.4-4.2.1.fc5.5 - rebuilding - Wed Aug 23 2006 Matthias Clasen <mclasen at redhat.com> - 6.2.5.4-4.2.1.fc5.4 - fix several integer and buffer overflows (#202193, CVE-2006-3743) - fix more integer overflows (#202771, CVE-2006-4144) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id25045
    published2007-04-19
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/25045
    titleFedora Core 5 : ImageMagick-6.2.5.4-4.2.1.fc5.8 (2007-414)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SA_2006_050.NASL
    descriptionThe remote host is missing the patch for the advisory SUSE-SA:2006:050 (ImageMagick). Several security problems have been fixed in ImageMagick: - CVE-2006-3744: Several heap buffer overflows were found in the Sun Bitmap decoder of ImageMagick during an audit by the Google Security Team. This problem could be exploited by an attacker to execute code. - CVE-2006-3743: Multiple buffer overflows were found by the Google Security team in the XCF handling due to incorrect bounds checking. This problem could be exploited by an attacker to execute code. - CVE-2006-4144: An integer overflow in the ReadSGIImage function can be used by attackers to potentially execute code. - An infinite loop in ImageMagick caused by TransformHSB was fixed. - An infinite loop in the handling of TIFF images was fixed.
    last seen2019-10-28
    modified2007-02-18
    plugin id24428
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24428
    titleSUSE-SA:2006:050: ImageMagick
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-340-1.NASL
    descriptionTavis Ormandy discovered several buffer overflows in imagemagick
    last seen2020-06-01
    modified2020-06-02
    plugin id27919
    published2007-11-10
    reporterUbuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27919
    titleUbuntu 5.04 / 5.10 / 6.06 LTS : imagemagick vulnerabilities (USN-340-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2006-0633.NASL
    descriptionFrom Red Hat Security Advisory 2006:0633 : Updated ImageMagick packages that fix several security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick(TM) is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Tavis Ormandy discovered several integer and buffer overflow flaws in the way ImageMagick decodes XCF, SGI, and Sun bitmap graphic files. An attacker could execute arbitrary code on a victim
    last seen2020-06-01
    modified2020-06-02
    plugin id67403
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67403
    titleOracle Linux 4 : ImageMagick (ELSA-2006-0633)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200609-14.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200609-14 (ImageMagick: Multiple Vulnerabilities) Tavis Ormandy of the Google Security Team discovered a stack and heap buffer overflow in the GIMP XCF Image decoder and multiple heap and integer overflows in the SUN bitmap decoder. Damian Put discovered a heap overflow in the SGI image decoder. Impact : An attacker may be able to create a specially crafted image that, when processed with ImageMagick, executes arbitrary code with the privileges of the executing user. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id22458
    published2006-09-27
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22458
    titleGLSA-200609-14 : ImageMagick: Multiple Vulnerabilities
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2006-0633.NASL
    descriptionUpdated ImageMagick packages that fix several security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick(TM) is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Tavis Ormandy discovered several integer and buffer overflow flaws in the way ImageMagick decodes XCF, SGI, and Sun bitmap graphic files. An attacker could execute arbitrary code on a victim
    last seen2020-06-01
    modified2020-06-02
    plugin id22280
    published2006-08-30
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22280
    titleCentOS 3 / 4 : ImageMagick (CESA-2006:0633)

Oval

accepted2013-04-29T04:23:08.472-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
descriptionMultiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images.
familyunix
idoval:org.mitre.oval:def:9895
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleMultiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images.
version26

Redhat

advisories
rhsa
idRHSA-2006:0633
rpms
  • ImageMagick-0:5.5.6-20
  • ImageMagick-0:6.0.7.1-16
  • ImageMagick-c++-0:5.5.6-20
  • ImageMagick-c++-0:6.0.7.1-16
  • ImageMagick-c++-devel-0:5.5.6-20
  • ImageMagick-c++-devel-0:6.0.7.1-16
  • ImageMagick-debuginfo-0:5.5.6-20
  • ImageMagick-debuginfo-0:6.0.7.1-16
  • ImageMagick-devel-0:5.5.6-20
  • ImageMagick-devel-0:6.0.7.1-16
  • ImageMagick-perl-0:5.5.6-20
  • ImageMagick-perl-0:6.0.7.1-16

Statements

contributorMark J Cox
lastmodified2007-03-14
organizationRed Hat
statementRed Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.