CVE-2007-4987
Published: 24 September 2007
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address.
Notes
Author | Note |
---|---|
fujitsu | graphicsmagick doesn't contain the vulnerable code. |
Priority
Status
Package | Release | Status |
---|---|---|
graphicsmagick Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
edgy |
Not vulnerable
|
|
feisty |
Not vulnerable
|
|
gutsy |
Not vulnerable
|
|
upstream |
Not vulnerable
|
|
imagemagick Launchpad, Ubuntu, Debian |
dapper |
Released
(6:6.2.4.5-0.6ubuntu0.7)
|
edgy |
Released
(7:6.2.4.5.dfsg1-0.10ubuntu0.4)
|
|
feisty |
Released
(7:6.2.4.5.dfsg1-0.14ubuntu0.2)
|
|
gutsy |
Released
(7:6.2.4.5.dfsg1-2ubuntu1)
|
|
upstream |
Released
(6.3.5-9)
|