CVE-2008-3134

medium

Description

Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/43513

https://exchange.xforce.ibmcloud.com/vulnerabilities/43511

http://www.vupen.com/english/advisories/2008/1984/references

http://www.securitytracker.com/id?1020413

http://www.securityfocus.com/bid/30055

http://sourceforge.net/project/shownotes.php?release_id=610253

http://sourceforge.net/forum/forum.php?forum_id=841176

http://secunia.com/advisories/32151

http://secunia.com/advisories/30879

http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html

Details

Source: Mitre, NVD

Published: 2008-07-10

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Severity: Medium