Description
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
References (7)
Core References
Various Sources vdb-entry
x_refsource_bid
http://www.securityfocus.org/bid/11548
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17903
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://www.ubuntu.com/usn/usn-7-1/
Various Sources x_refsource_confirm
http://www.imagemagick.org/www/Changelog.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/12995/
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200411-11.xml
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10472
Scores
EPSS: 0.0722
EPSS Percentile: 91.7%
Details
Status: published
Products (25)
debian/debian_linux 3.0 (11 CPE variants)
gentoo/linux
imagemagick/imagemagick 5.3.3
imagemagick/imagemagick 5.4.3
imagemagick/imagemagick 5.4.4.5
imagemagick/imagemagick 5.4.7
imagemagick/imagemagick 5.4.8
imagemagick/imagemagick 5.4.8.2.1.1.0
imagemagick/imagemagick 5.5.3.2.1.2.0
imagemagick/imagemagick 5.5.6.0_2003-04-09
... and 15 more
Published: Feb 09, 2005
Tracked Since: Feb 18, 2026