CVE - CVE-2006-5456

CVE-ID
CVE-2006-5456	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:20707 URL:http://www.securityfocus.com/bid/20707 BUGTRAQ:20061127 rPSA-2006-0218-1 ImageMagick URL:http://www.securityfocus.com/archive/1/452718/100/100/threaded BUGTRAQ:20070208 rPSA-2007-0029-1 ImageMagick URL:http://www.securityfocus.com/archive/1/459507/100/0/threaded CONFIRM:http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9 CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921 CONFIRM:https://issues.rpath.com/browse/RPL-1034 CONFIRM:https://issues.rpath.com/browse/RPL-811 DEBIAN:DSA-1213 URL:http://www.debian.org/security/2006/dsa-1213 GENTOO:GLSA-200611-07 URL:http://security.gentoo.org/glsa/glsa-200611-07.xml GENTOO:GLSA-200611-19 URL:http://security.gentoo.org/glsa/glsa-200611-19.xml MANDRIVA:MDKSA-2006:193 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:193~~ (Obsolete source) MANDRIVA:MDKSA-2007:041 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:041~~ (Obsolete source) OSVDB:29990 URL:~~http://www.osvdb.org/29990~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:9765 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765 REDHAT:RHSA-2007:0015 URL:http://www.redhat.com/support/errata/RHSA-2007-0015.html SECUNIA:22569 URL:http://secunia.com/advisories/22569 SECUNIA:22572 URL:http://secunia.com/advisories/22572 SECUNIA:22601 URL:http://secunia.com/advisories/22601 SECUNIA:22604 URL:http://secunia.com/advisories/22604 SECUNIA:22819 URL:http://secunia.com/advisories/22819 SECUNIA:22834 URL:http://secunia.com/advisories/22834 SECUNIA:22998 URL:http://secunia.com/advisories/22998 SECUNIA:23090 URL:http://secunia.com/advisories/23090 SECUNIA:23121 URL:http://secunia.com/advisories/23121 SECUNIA:24186 URL:http://secunia.com/advisories/24186 SECUNIA:24196 URL:http://secunia.com/advisories/24196 SECUNIA:24284 URL:http://secunia.com/advisories/24284 SECUNIA:24458 URL:http://secunia.com/advisories/24458 SGI:20070201-01-P URL:ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc SLACKWARE:SSA:2007-066-06 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092 SUSE:SUSE-SA:2006:066 URL:http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html SUSE:SUSE-SR:2007:003 URL:http://www.novell.com/linux/security/advisories/2007_3_sr.html UBUNTU:USN-372-1 URL:http://www.ubuntu.com/usn/usn-372-1 UBUNTU:USN-422-1 URL:http://www.ubuntu.com/usn/usn-422-1 VUPEN:ADV-2006-4170 URL:~~http://www.vupen.com/english/advisories/2006/4170~~ (Obsolete source) VUPEN:ADV-2006-4171 URL:~~http://www.vupen.com/english/advisories/2006/4171~~ (Obsolete source) XF:imagemagick-graphicsmagick-palm-bo(29816) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/29816
Assigning CNA
Red Hat, Inc.
Date Record Created
20061023	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20061023)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)