OSVDB ID: 43213

Title: ImageMagick / GraphicsMagick coders/pcx.c PCX Coder ReadPCXImage Function PCX File Handling Overflow

Info

Disclosure

Mar 01, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Classification

Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Disclosure: Vendor Verified

Solution

Upgrade to version 1.1.7-13, 1.2.8, or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

Security Tracker: 1019881
CVE ID: 2008-1097 (see also: NVD)
Bugtraq ID: 28822
Secunia Advisory ID: 29786 29857 30967 36260
SCIP VulDB ID: 2998
ISS X-Force ID: 41193
Vendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413034
http://lists.debian.org/debian-security-announce/2009/msg00175.html
Mail List Post: http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
Other Advisory URL: http://www.debian.org/security/2009/dsa-1858
http://www.mandriva.com/security/advisories?name=MDVSA-2008:099
RedHat RHSA: RHSA-2008:0145 RHSA-2008:0165

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/43213