ImageMagick Malformed XCF File Heap Overflow Vulnerability

Bugtraq ID:	28821
Class:	Boundary Condition Error
CVE:	CVE-2008-1096
Remote:	Yes
Local:	No
Published:	Apr 17 2008 12:00AM
Updated:	Dec 01 2008 11:52PM
Credit:	Lubomir Kundrak
Vulnerable:	Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10 powerpc Ubuntu Ubuntu Linux 7.10 lpia Ubuntu Ubuntu Linux 7.10 i386 Ubuntu Ubuntu Linux 7.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 S.u.S.E. openSUSE 11.0 S.u.S.E. openSUSE 10.3 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux 5 server MandrakeSoft Linux Mandrake 2008.0 x86_64 MandrakeSoft Linux Mandrake 2008.0 MandrakeSoft Linux Mandrake 2007.1 x86_64 MandrakeSoft Linux Mandrake 2007.1 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 ImageMagick ImageMagick 6.2.8 ImageMagick ImageMagick 6.2.7 ImageMagick ImageMagick 6.2.6 ImageMagick ImageMagick 6.2.5 ImageMagick ImageMagick 6.2.4 .5 ImageMagick ImageMagick 6.2.4 ImageMagick ImageMagick 6.2.3 ImageMagick ImageMagick 6.2.2 + Gentoo Linux ImageMagick ImageMagick 6.2.1 ImageMagick ImageMagick 6.2 .0.7 + RedHat Fedora Core3 + RedHat Fedora Core2 ImageMagick ImageMagick 6.2 .0.4 + Gentoo Linux ImageMagick ImageMagick 6.2 ImageMagick ImageMagick 6.1.8 + Gentoo Linux ImageMagick ImageMagick 6.1.7 ImageMagick ImageMagick 6.1.6 ImageMagick ImageMagick 6.1.5 ImageMagick ImageMagick 6.1.4 ImageMagick ImageMagick 6.1.3 ImageMagick ImageMagick 6.1.2 ImageMagick ImageMagick 6.1.1 ImageMagick ImageMagick 6.1 ImageMagick ImageMagick 6.0.8 ImageMagick ImageMagick 6.0.7 + RedHat Desktop 4.0 + RedHat Enterprise Linux Desktop version 4 + RedHat Enterprise Linux AS 4 + RedHat Enterprise Linux ES 4 + RedHat Enterprise Linux WS 4 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 ImageMagick ImageMagick 6.0.6 + Ubuntu Ubuntu Linux 5.0 4 powerpc + Ubuntu Ubuntu Linux 5.0 4 i386 + Ubuntu Ubuntu Linux 5.0 4 amd64 ImageMagick ImageMagick 6.0.5 + Turbolinux Home + Turbolinux Turbolinux Desktop 10.0 + Turbolinux Turbolinux Server 10.0 ImageMagick ImageMagick 6.0.4 + MandrakeSoft Linux Mandrake 10.1 x86_64 + MandrakeSoft Linux Mandrake 10.1 ImageMagick ImageMagick 6.0.3 ImageMagick ImageMagick 6.0.2 .5 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 ImageMagick ImageMagick 6.0.2 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 ImageMagick ImageMagick 6.0.1 ImageMagick ImageMagick 6.0 ImageMagick ImageMagick 6.2.4.3 ImageMagick ImageMagick 6.2.4.3 ImageMagick ImageMagick 6.2.3.4 ImageMagick ImageMagick 6.2.0.3 ImageMagick ImageMagick 6.0.6.2 + Ubuntu Ubuntu Linux 5.0 4 powerpc + Ubuntu Ubuntu Linux 5.0 4 i386 + Ubuntu Ubuntu Linux 5.0 4 amd64 ImageMagick ImageMagick 6.0.4.4 + MandrakeSoft Linux Mandrake 10.1 x86_64 + MandrakeSoft Linux Mandrake 10.1 ImageMagick ImageMagick 6.0.4.4 + MandrakeSoft Linux Mandrake 10.0 AMD64 + MandrakeSoft Linux Mandrake 10.0 AMD64 + MandrakeSoft Linux Mandrake 10.0 AMD64 + MandrakeSoft Linux Mandrake 10.0 + MandrakeSoft Linux Mandrake 10.0 + MandrakeSoft Linux Mandrake 10.0 + MandrakeSoft Linux Mandrake 9.2 amd64 + MandrakeSoft Linux Mandrake 9.2 amd64 + MandrakeSoft Linux Mandrake 9.2 amd64 + MandrakeSoft Linux Mandrake 9.2 + MandrakeSoft Linux Mandrake 9.2 + MandrakeSoft Linux Mandrake 9.2 + S.u.S.E. Linux Personal 9.1 x86_64 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 + S.u.S.E. Linux Personal 9.0 + S.u.S.E. Linux Personal 9.0

Not Vulnerable: