CVE-2004-0827

Description

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

Affected products

• conectiva / linux9.0 – 9.0
• conectiva / linux10.0 – 10.0
• enlightenment / imlib1.9 – 1.9
• enlightenment / imlib1.9.5 – 1.9.5
• enlightenment / imlib1.9.6 – 1.9.6
• enlightenment / imlib1.9.7 – 1.9.7
• enlightenment / imlib1.9.8 – 1.9.8
• enlightenment / imlib1.9.9 – 1.9.9
• enlightenment / imlib1.9.10 – 1.9.10
• enlightenment / imlib1.9.11 – 1.9.11
• enlightenment / imlib1.9.12 – 1.9.12
• enlightenment / imlib1.9.13 – 1.9.13
• enlightenment / imlib1.9.14 – 1.9.14
• enlightenment / imlib1.9.2 – 1.9.2
• enlightenment / imlib1.9.4 – 1.9.4
• enlightenment / imlib1.9.1 – 1.9.1
• enlightenment / imlib1.9.3 – 1.9.3
• enlightenment / imlib21.0.2 – 1.0.2
• enlightenment / imlib21.0.3 – 1.0.3
• enlightenment / imlib21.0.4 – 1.0.4
• enlightenment / imlib21.0.5 – 1.0.5
• enlightenment / imlib21.1 – 1.1
• enlightenment / imlib21.1.1 – 1.1.1
• enlightenment / imlib21.0 – 1.0
• enlightenment / imlib21.0.1 – 1.0.1
• ImageMagick / ImageMagick5.4.8 – 5.4.8
• ImageMagick / ImageMagick5.3.3 – 5.3.3
• ImageMagick / ImageMagick5.4.3 – 5.4.3
• ImageMagick / ImageMagick5.4.4.5 – 5.4.4.5
• ImageMagick / ImageMagick5.4.7 – 5.4.7
• ImageMagick / ImageMagick5.4.8.2.1.1.0 – 5.4.8.2.1.1.0
• ImageMagick / ImageMagick5.5.3.2.1.2.0 – 5.5.3.2.1.2.0
• ImageMagick / ImageMagick5.5.6.0_2003-04-09 – 5.5.6.0_2003-04-09
• ImageMagick / ImageMagick5.5.7 – 5.5.7
• ImageMagick / ImageMagick6.0.2 – 6.0.2
• mandrakesoft / mandrake_linux9.2 – 9.2
• mandrakesoft / mandrake_linux9.2 – 9.2
• mandrakesoft / mandrake_linux10.0 – 10.0
• mandrakesoft / mandrake_linux10.0 – 10.0
• mandrakesoft / mandrake_linux_corporate_server2.1 – 2.1
• mandrakesoft / mandrake_linux_corporate_server2.1 – 2.1
• RedHat / enterprise_linux3.0 – 3.0
• RedHat / enterprise_linux3.0 – 3.0
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux3.0 – 3.0
• RedHat / enterprise_linux_desktop3.0 – 3.0
• RedHat / fedora_corecore_3.0 – core_3.0
• RedHat / fedora_corecore_1.0 – core_1.0
• RedHat / fedora_corecore_2.0 – core_2.0
• RedHat / linux_advanced_workstation2.1 – 2.1
• RedHat / linux_advanced_workstation2.1 – 2.1
• sun / java_desktop_system2003 – 2003
• sun / java_desktop_system2.0 – 2.0
• SUSE / suse_linux8.0 – 8.0
• SUSE / suse_linux8.0 – 8.0
• SUSE / suse_linux8.1 – 8.1
• SUSE / suse_linux8.2 – 8.2
• SUSE / suse_linux9.0 – 9.0
• SUSE / suse_linux9.0 – 9.0
• SUSE / suse_linux9.1 – 9.1
• SUSE / suse_linux9.2 – 9.2
• turbolinux / turbolinuxdesktop_10.0 – desktop_10.0
• turbolinux / turbolinuxserver_7.0 – server_7.0
• turbolinux / turbolinuxserver_8.0 – server_8.0
• turbolinux / turbolinuxworkstation_7.0 – workstation_7.0
• turbolinux / turbolinuxworkstation_8.0 – workstation_8.0
• Ubuntu / ubuntu_linux4.1 – 4.1
• Ubuntu / ubuntu_linux4.1 – 4.1

References

• MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/0412
• MISChttp://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1
• VENDOR_ADVISORYhttp://www.debian.org/security/2004/dsa-547
• MISChttp://www.redhat.com/support/errata/RHSA-2004-494.html
• MISChttp://www.redhat.com/support/errata/RHSA-2004-480.html
• MISChttp://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/17173
• VENDOR_ADVISORYhttp://secunia.com/advisories/28800