Return to CVE list

CVE-2006-4144

2.6

Low

CVE-2006-4144

15 Aug 2006

cve@mitre.org

Deferred

View on MITRE Find on GitHub

Description

Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.

Exploits

283832006-08-14dosLinux

ImageMagick 6.x - '.SGI' Image File Remote Heap Buffer Overflow

By Damian Put

References

cve@mitre.org

ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc

cve@mitre.org

http://secunia.com/advisories/21462

cve@mitre.org

http://secunia.com/advisories/21525

cve@mitre.org

http://secunia.com/advisories/21621

cve@mitre.org

http://secunia.com/advisories/21671

cve@mitre.org

http://secunia.com/advisories/21679

cve@mitre.org

http://secunia.com/advisories/21832

cve@mitre.org

http://secunia.com/advisories/22036

cve@mitre.org

http://secunia.com/advisories/22096

cve@mitre.org

http://secunia.com/advisories/22998

cve@mitre.org

http://security.gentoo.org/glsa/glsa-200609-14.xml

cve@mitre.org

http://securityreason.com/securityalert/1385

cve@mitre.org

http://securitytracker.com/id?1016699

cve@mitre.org

http://www.debian.org/security/2006/dsa-1213

cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:155

cve@mitre.org

http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html

cve@mitre.org

http://www.overflow.pl/adv/imsgiheap.txt

cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2006-0633.html

cve@mitre.org

http://www.securityfocus.com/archive/1/443208/100/0/threaded

cve@mitre.org

http://www.securityfocus.com/archive/1/443362/100/0/threaded

cve@mitre.org

http://www.securityfocus.com/bid/19507

cve@mitre.org

http://www.ubuntu.com/usn/usn-337-1

cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/28372

cve@mitre.org

https://issues.rpath.com/browse/RPL-605

cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11129

af854a3a-2127-422b-91ae-364da2661108

ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc

af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/21462

af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/21525

af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/21621

af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/21671

af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/21679

af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/21832

af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22036

af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22096

af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22998

af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200609-14.xml

af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/1385

af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1016699

af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2006/dsa-1213

af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2006:155

af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html

af854a3a-2127-422b-91ae-364da2661108

http://www.overflow.pl/adv/imsgiheap.txt

af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2006-0633.html

af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/443208/100/0/threaded

af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/443362/100/0/threaded

af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/19507

af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/usn-337-1

af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/28372

af854a3a-2127-422b-91ae-364da2661108

https://issues.rpath.com/browse/RPL-605

af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11129