Description
Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9736
Patch vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2005-070.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1013550
Patch vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html
Patch vendor-advisory
x_refsource_debian
http://www.debian.org/security/2005/dsa-702
Scores
EPSS
0.0306
EPSS Percentile
86.9%
Details
Status
published
Products (14)
imagemagick/imagemagick
5.3.3
imagemagick/imagemagick
5.3.8
imagemagick/imagemagick
5.4.3
imagemagick/imagemagick
5.4.4.5
imagemagick/imagemagick
5.4.7
imagemagick/imagemagick
5.4.8
imagemagick/imagemagick
5.4.8.2.1.1.0
imagemagick/imagemagick
5.5.3.2.1.2.0
imagemagick/imagemagick
5.5.4
imagemagick/imagemagick
5.5.6
... and 4 more
Published
May 02, 2005
Tracked Since
Feb 18, 2026