Vulnerability Details CVE-2008-3134
Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 80.8%
CVSS Severity
CVSS v2 Score 5.0
References
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html
- http://secunia.com/advisories/30879
- http://secunia.com/advisories/32151
- http://sourceforge.net/forum/forum.php?forum_id=841176
- http://sourceforge.net/project/shownotes.php?release_id=610253
- http://www.securityfocus.com/bid/30055
- http://www.securitytracker.com/id?1020413
- http://www.vupen.com/english/advisories/2008/1984/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43511
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43513
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html
- http://secunia.com/advisories/30879
- http://secunia.com/advisories/32151
- http://sourceforge.net/forum/forum.php?forum_id=841176
- http://sourceforge.net/project/shownotes.php?release_id=610253
- http://www.securityfocus.com/bid/30055
- http://www.securitytracker.com/id?1020413
- http://www.vupen.com/english/advisories/2008/1984/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43511
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43513
Products affected by CVE-2008-3134
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.0
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.0.4
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.0.6
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.10
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.11
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.12
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.3
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.4
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.5
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.6
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.8
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.9
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.2
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.2.18