CVE - CVE-2007-4985

CVE-ID
CVE-2007-4985	Learn more at National Vulnerability Database (NVD) • Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
IDEFENSE:20070919 Multiple Vendor ImageMagick Multiple Denial of Service Vulnerabilities URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596 BUGTRAQ:20071112 FLEA-2007-0066-1 ImageMagick URL:http://www.securityfocus.com/archive/1/archive/1/483572/100/0/threaded MLIST:[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates URL:http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html CONFIRM:http://www.imagemagick.org/script/changelog.php CONFIRM:https://issues.rpath.com/browse/RPL-1743 CONFIRM:http://bugs.gentoo.org/show_bug.cgi?id=186030 DEBIAN:DSA-1858 URL:http://www.debian.org/security/2009/dsa-1858 GENTOO:GLSA-200710-27 URL:http://security.gentoo.org/glsa/glsa-200710-27.xml MANDRIVA:MDVSA-2008:035 URL:http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035 REDHAT:RHSA-2008:0145 URL:http://www.redhat.com/support/errata/RHSA-2008-0145.html REDHAT:RHSA-2008:0165 URL:http://www.redhat.com/support/errata/RHSA-2008-0165.html SUSE:SUSE-SR:2007:023 URL:http://www.novell.com/linux/security/advisories/2007_23_sr.html UBUNTU:USN-523-1 URL:http://www.ubuntu.com/usn/usn-523-1 BID:25764 URL:http://www.securityfocus.com/bid/25764 OVAL:oval:org.mitre.oval:def:10869 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10869 SECUNIA:36260 URL:http://secunia.com/advisories/36260 VUPEN:ADV-2007-3245 URL:http://www.vupen.com/english/advisories/2007/3245 SECTRACK:1018729 URL:http://www.securitytracker.com/id?1018729 SECUNIA:26926 URL:http://secunia.com/advisories/26926 SECUNIA:27048 URL:http://secunia.com/advisories/27048 SECUNIA:27309 URL:http://secunia.com/advisories/27309 SECUNIA:27364 URL:http://secunia.com/advisories/27364 SECUNIA:27439 URL:http://secunia.com/advisories/27439 SECUNIA:28721 URL:http://secunia.com/advisories/28721 SECUNIA:29786 URL:http://secunia.com/advisories/29786 SECUNIA:29857 URL:http://secunia.com/advisories/29857 XF:imagemagick-readdcmimage-readxcfimage-dos(36740) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/36740
Assigning CNA
N/A
Date Entry Created
20070919	Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070919)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE list, which standardizes names for security problems.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org