aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--security/vuxml/vuln.xml55
1 files changed, 55 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 9cddf52851f1..6edccf6b9e03 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,61 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="f5b29ec0-71f9-11dc-8c6a-00304881ac9a">
+ <topic>ImageMagick -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>ImageMagick</name>
+ <name>ImageMagick-nox11</name>
+ <range><lt>6.3.5.9</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Multiple vulnerabilities have been discovered in ImageMagick.</p>
+ <blockquote cite="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4985">
+ <p>ImageMagick before 6.3.5-9 allows context-dependent attackers
+ to cause a denial of service via a crafted image file that
+ triggers (1) an infinite loop in the ReadDCMImage function,
+ related to ReadBlobByte function calls; or (2) an infinite
+ loop in the ReadXCFImage function, related to ReadBlobMSBLong
+ function calls.</p>
+ </blockquote>
+ <blockquote cite="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4986">
+ <p>Multiple integer overflows in ImageMagick before 6.3.5-9
+ allow context-dependent attackers to execute arbitrary code
+ via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5)
+ .xwd image file, which triggers a heap-based buffer overflow.</p>
+ </blockquote>
+ <blockquote cite="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4987">
+ <p>Off-by-one error in the ReadBlobString function in blob.c in
+ ImageMagick before 6.3.5-9 allows context-dependent attackers
+ to execute arbitrary code via a crafted image file, which
+ triggers the writing of a '\0' character to an out-of-bounds
+ address.</p>
+ </blockquote>
+ <blockquote cite="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4988">
+ <p>Sign extension error in the ReadDIBImage function in
+ ImageMagick before 6.3.5-9 allows context-dependent attackers
+ to execute arbitrary code via a crafted width value in an
+ image file, which triggers an integer overflow and a
+ heap-based buffer overflow.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2007-4985</cvename>
+ <cvename>CVE-2007-4986</cvename>
+ <cvename>CVE-2007-4987</cvename>
+ <cvename>CVE-2007-4988</cvename>
+ <url>http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html</url>
+ </references>
+ <dates>
+ <discovery>2007-09-19</discovery>
+ <entry>2007-10-10</entry>
+ </dates>
+ </vuln>
+
<vuln vid="c93e4d41-75c5-11dc-b903-0016179b2dd5">
<topic>jdk/jre -- Applet Caching May Allow Network Access Restrictions to be Circumvented</topic>
<affects>
generated by cgit (git 2.34.1) at 2025-01-15 04:20:54 +0800