CVE-2008-1097 - Resource Management Errors vulnerability in Imagemagick Graphicsmagick and Imagemagick

CVSS 6.8 - MEDIUM
Attack vector: NETWORK
Attack complexity: MEDIUM
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
network
imagemagick
CWE-399
nessus

Summary

Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption.

Common Weakness Enumeration (CWE)

Nessus

  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2008-0145.NASL
    description: Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux versions 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 31995
    published: 2008-04-22
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/31995
    title: CentOS 3 / 4 / 5 : ImageMagick (CESA-2008:0145)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2008-099.NASL
    description: A heap-based buffer overflow vulnerability was found in how ImageMagick parsed XCF files. If ImageMagick opened a specially crafted XCF file, it could be made to overwrite heap memory beyond the bounds of its allocated memory, potentially allowing an attacker to execute arbitrary code on the system running ImageMagick (CVE-2008-1096). Another heap-based buffer overflow vulnerability was found in how ImageMagick processed certain malformed PCX images. If ImageMagick opened a specially crafted PCX image file, an attacker could possibly execute arbitrary code on the system running ImageMagick (CVE-2008-1097). The updated packages have been patched to correct these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 37739
    published: 2009-04-23
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/37739
    title: Mandriva Linux Security Advisory : ImageMagick (MDVSA-2008:099)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201311-10.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201311-10 (GraphicsMagick: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in GraphicsMagick. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted image file, potentially resulting in arbitrary code execution or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 70959
    published: 2013-11-19
    reporter: This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/70959
    title: GLSA-201311-10 : GraphicsMagick: Multiple vulnerabilities
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2008-0165.NASL
    description: Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux version 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 31985
    published: 2008-04-18
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/31985
    title: RHEL 2.1 : ImageMagick (RHSA-2008:0165)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2008-0145.NASL
    description: From Red Hat Security Advisory 2008:0145 : Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux versions 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 67656
    published: 2013-07-12
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/67656
    title: Oracle Linux 3 / 4 / 5 : ImageMagick (ELSA-2008-0145)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_GRAPHICSMAGICK-5276.NASL
    description: GraphicsMagick is affected by two security problems : CVE-2008-1096: Buffer overflow in the handling of XCF files CVE-2008-1097: Heap buffer overflow in the handling of PCX files
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 33378
    published: 2008-07-02
    reporter: This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/33378
    title: openSUSE 10 Security Update : GraphicsMagick (GraphicsMagick-5276)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20080416_IMAGEMAGICK_ON_SL3_X.NASL
    description: Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 60382
    published: 2012-08-01
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/60382
    title: Scientific Linux Security Update : ImageMagick on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-1858.NASL
    description: Several vulnerabilities have been discovered in the imagemagick image manipulation programs which can lead to the execution of arbitrary code, exposure of sensitive information or cause DoS. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1667 Multiple integer overflows in XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-1797 Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted DCM image, or the colors or comments field in a crafted XWD image. It only affects the oldstable distribution (etch). - CVE-2007-4985 A crafted image file can trigger an infinite loop in the ReadDCMImage function or in the ReadXCFImage function. It only affects the oldstable distribution (etch). - CVE-2007-4986 Multiple integer overflows allow context-dependent attackers to execute arbitrary code via a crafted .dcm, .dib, .xbm, .xcf, or .xwd image file, which triggers a heap-based buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-4987 Off-by-one error allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 44723
    published: 2010-02-24
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/44723
    title: Debian DSA-1858-1 : imagemagick - multiple vulnerabilities
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2008-0145.NASL
    description: Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux versions 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 31984
    published: 2008-04-18
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/31984
    title: RHEL 3 / 4 / 5 : ImageMagick (RHSA-2008:0145)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_IMAGEMAGICK-5278.NASL
    description: ImageMagick and GraphicsMagick are affected by two security problems : - Buffer overflow in the handling of XCF files CVE-2008-1097: Heap buffer overflow in the handling of PCX files. (CVE-2008-1096)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 33380
    published: 2008-07-02
    reporter: This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/33380
    title: SuSE 10 Security Update : ImageMagick (ZYPP Patch Number 5278)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_IMAGEMAGICK-5277.NASL
    description: ImageMagick is affected by two security problems : CVE-2008-1096: Buffer overflow in the handling of XCF files CVE-2008-1097: Heap buffer overflow in the handling of PCX files
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 33379
    published: 2008-07-02
    reporter: This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/33379
    title: openSUSE 10 Security Update : ImageMagick (ImageMagick-5277)

Oval

accepted: 2013-04-29T04:12:35.608-04:00
class: vulnerability
contributors
  • name: Aharon Chernin
    organization: SCAP.com, LLC
  • name: Dragos Prisaca
    organization: G2, Inc.
definition_extensions
  • comment: The operating system installed on the system is Red Hat Enterprise Linux 3
    oval: oval:org.mitre.oval:def:11782
  • comment: CentOS Linux 3.x
    oval: oval:org.mitre.oval:def:16651
  • comment: The operating system installed on the system is Red Hat Enterprise Linux 4
    oval: oval:org.mitre.oval:def:11831
  • comment: CentOS Linux 4.x
    oval: oval:org.mitre.oval:def:16636
  • comment: Oracle Linux 4.x
    oval: oval:org.mitre.oval:def:15990
  • comment: The operating system installed on the system is Red Hat Enterprise Linux 5
    oval: oval:org.mitre.oval:def:11414
  • comment: The operating system installed on the system is CentOS Linux 5.x
    oval: oval:org.mitre.oval:def:15802
  • comment: Oracle Linux 5.x
    oval: oval:org.mitre.oval:def:15459
description: Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption.
family: unix
id: oval:org.mitre.oval:def:11237
status: accepted
submitted: 2010-07-09T03:56:16-04:00
title: Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption.
version: 27

Redhat

advisories
  • bugzilla
    id: 310121
    title: CVE-2007-4986 Multiple integer overflows in ImageMagick
    oval
    OR
    • comment: Red Hat Enterprise Linux must be installed
      oval: oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment: Red Hat Enterprise Linux 4 is installed
        oval: oval:com.redhat.rhba:tst:20070304025
      • OR
        • AND
          • comment: ImageMagick-perl is earlier than 0:6.0.7.1-17.el4_6.1
            oval: oval:com.redhat.rhsa:tst:20080145001
          • comment: ImageMagick-perl is signed with Red Hat master key
            oval: oval:com.redhat.rhsa:tst:20060178006
        • AND
          • comment: ImageMagick is earlier than 0:6.0.7.1-17.el4_6.1
            oval: oval:com.redhat.rhsa:tst:20080145003
          • comment: ImageMagick is signed with Red Hat master key
            oval: oval:com.redhat.rhsa:tst:20060178008
        • AND
          • comment: ImageMagick-c++ is earlier than 0:6.0.7.1-17.el4_6.1
            oval: oval:com.redhat.rhsa:tst:20080145005
          • comment: ImageMagick-c++ is signed with Red Hat master key
            oval: oval:com.redhat.rhsa:tst:20060178010
        • AND
          • comment: ImageMagick-devel is earlier than 0:6.0.7.1-17.el4_6.1
            oval: oval:com.redhat.rhsa:tst:20080145007
          • comment: ImageMagick-devel is signed with Red Hat master key
            oval: oval:com.redhat.rhsa:tst:20060178004
        • AND
          • comment: ImageMagick-c++-devel is earlier than 0:6.0.7.1-17.el4_6.1
            oval: oval:com.redhat.rhsa:tst:20080145009
          • comment: ImageMagick-c++-devel is signed with Red Hat master key
            oval: oval:com.redhat.rhsa:tst:20060178002
    • AND
      • comment: Red Hat Enterprise Linux 5 is installed
        oval: oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment: ImageMagick-c++-devel is earlier than 0:6.2.8.0-4.el5_1.1
            oval: oval:com.redhat.rhsa:tst:20080145012
          • comment: ImageMagick-c++-devel is signed with Red Hat redhatrelease key
            oval: oval:com.redhat.rhsa:tst:20080145013
        • AND
          • comment: ImageMagick is earlier than 0:6.2.8.0-4.el5_1.1
            oval: oval:com.redhat.rhsa:tst:20080145014
          • comment: ImageMagick is signed with Red Hat redhatrelease key
            oval: oval:com.redhat.rhsa:tst:20080145015
        • AND
          • comment: ImageMagick-perl is earlier than 0:6.2.8.0-4.el5_1.1
            oval: oval:com.redhat.rhsa:tst:20080145016
          • comment: ImageMagick-perl is signed with Red Hat redhatrelease key
            oval: oval:com.redhat.rhsa:tst:20080145017
        • AND
          • comment: ImageMagick-c++ is earlier than 0:6.2.8.0-4.el5_1.1
            oval: oval:com.redhat.rhsa:tst:20080145018
          • comment: ImageMagick-c++ is signed with Red Hat redhatrelease key
            oval: oval:com.redhat.rhsa:tst:20080145019
        • AND
          • comment: ImageMagick-devel is earlier than 0:6.2.8.0-4.el5_1.1
            oval: oval:com.redhat.rhsa:tst:20080145020
          • comment: ImageMagick-devel is signed with Red Hat redhatrelease key
            oval: oval:com.redhat.rhsa:tst:20080145021
    rhsa
    id: RHSA-2008:0145
    released: 2008-04-16
    severity: Moderate
    title: RHSA-2008:0145: ImageMagick security update (Moderate)
  • rhsa
    id: RHSA-2008:0165
rpms
  • ImageMagick-0:5.5.6-28
  • ImageMagick-0:6.0.7.1-17.el4_6.1
  • ImageMagick-0:6.2.8.0-4.el5_1.1
  • ImageMagick-c++-0:5.5.6-28
  • ImageMagick-c++-0:6.0.7.1-17.el4_6.1
  • ImageMagick-c++-0:6.2.8.0-4.el5_1.1
  • ImageMagick-c++-devel-0:5.5.6-28
  • ImageMagick-c++-devel-0:6.0.7.1-17.el4_6.1
  • ImageMagick-c++-devel-0:6.2.8.0-4.el5_1.1
  • ImageMagick-debuginfo-0:5.5.6-28
  • ImageMagick-debuginfo-0:6.0.7.1-17.el4_6.1
  • ImageMagick-debuginfo-0:6.2.8.0-4.el5_1.1
  • ImageMagick-devel-0:5.5.6-28
  • ImageMagick-devel-0:6.0.7.1-17.el4_6.1
  • ImageMagick-devel-0:6.2.8.0-4.el5_1.1
  • ImageMagick-perl-0:5.5.6-28
  • ImageMagick-perl-0:6.0.7.1-17.el4_6.1
  • ImageMagick-perl-0:6.2.8.0-4.el5_1.1
  • ImageMagick-0:5.3.8-21
  • ImageMagick-c++-0:5.3.8-21
  • ImageMagick-c++-devel-0:5.3.8-21
  • ImageMagick-devel-0:5.3.8-21
  • ImageMagick-perl-0:5.3.8-21

Seebug

bulletinFamily: exploit
description: BUGTRAQ ID: 28822,28821 CVE(CAN) ID: CVE-2008-1097,CVE-2008-1096 ImageMagick is an open-source image viewing and editing tool for Unix/Linux platforms. A heap overflow vulnerability exists in the way ImageMagick parses XCF files. If a specially crafted XCF image is opened, ImageMagick may overwrite heap memory outside the allocated memory region, which may allow an attacker to execute arbitrary instructions on the machine running ImageMagick. A heap overflow vulnerability exists in the way ImageMagick processes certain malformed PCX images. If a victim user opens a specially crafted PCX file, an attacker can execute arbitrary instructions on the victim user's machine. ImageMagick ImageMagick 6.2.8-0 ImageMagick ImageMagick 6.2.4-5 RedHat ------ RedHat has released security advisories (RHSA-2008:0165-01/RHSA-2008:0145-01) and corresponding patches for this issue: RHSA-2008:0165-01: Moderate: ImageMagick security update Link: https://www.redhat.com/support/errata/RHSA-2008-0165.html RHSA-2008:0145-01: Moderate: ImageMagick security update Link: https://www.redhat.com/support/errata/RHSA-2008-0145.html
id: SSV:3189
last seen: 2017-11-19
modified: 2008-04-19
published: 2008-04-19
reporter: Root
source: https://www.seebug.org/vuldb/ssvid-3189
title: ImageMagick XCF and PCX File Handling Heap Overflow Vulnerabilities