CVE-2008-3134

Published Jul 10, 2008

Last updated 8 years ago

CVSS info 5.0

Overview

Description: Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Vendor comments

Red HatRed Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-3134

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E3834A3-8A7E-4914-A20C-EE694150D044"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F96A991C-67A7-4C36-99C4-846BD2175F5A"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD7E2792-B4BC-4C71-990D-0B7462919568"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10F2FD22-4058-45D6-8352-0AA6382746C8"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BF103AE-6F15-4F2D-A375-F2AF91171EE0"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65929D5C-31B1-4A70-8E9C-AC6749332480"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC45DB14-ABB2-4116-930D-349A81CDB982"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0573F148-0204-4F6B-A7B7-12DDF61C7383"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "489040F9-1992-4030-9AFC-9855CFB8C1EB"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9942F4B-6608-4828-988C-2F76EB73CC48"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12D4C9D5-2A4F-4263-943C-1F46E0BB802E"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAA39999-2648-4EBB-A9CD-15FBE9900E32"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AD2742D-41F6-43F4-B90B-B75D54E08326"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "634E509D-7E46-43EE-BE38-7C3A7690761D"
          },
          {
            "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.2.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C656F3BD-3FB8-484C-8853-853C47BDFCE1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References