CVE-2005-0762
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/05/2005
Last modified:
03/04/2025
Description
Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:5.3.8:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:5.5.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:5.5.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:6.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:imagemagick:imagemagick:6.0.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://rhn.redhat.com/errata/RHSA-2005-070.html
- http://securitytracker.com/id?1013550=
- http://www.debian.org/security/2005/dsa-702
- http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9736
- http://rhn.redhat.com/errata/RHSA-2005-070.html
- http://securitytracker.com/id?1013550=
- http://www.debian.org/security/2005/dsa-702
- http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9736