CyberSec.Space Logo
Back to CVE Browser

CVE-2004-0981

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1500%
EPSS Percentile28.55th
PublishedFeb 9, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.

Affected Platforms (CPE)

πŸ“¦
Imagemagick

Imagemagick

= 5.3.3
πŸ“¦
Imagemagick

Imagemagick

= 5.4.3
πŸ“¦
Imagemagick

Imagemagick

= 5.4.4.5
πŸ“¦
Imagemagick

Imagemagick

= 5.4.7
πŸ“¦
Imagemagick

Imagemagick

= 5.4.8
πŸ“¦
Imagemagick

Imagemagick

= 5.4.8.2.1.1.0
πŸ“¦
Imagemagick

Imagemagick

= 5.5.3.2.1.2.0
πŸ“¦
Imagemagick

Imagemagick

= 5.5.6.0_2003-04-09
πŸ“¦
Imagemagick

Imagemagick

= 5.5.7
πŸ“¦
Imagemagick

Imagemagick

= 6.0
πŸ“¦
Imagemagick

Imagemagick

= 6.0.1
πŸ“¦
Imagemagick

Imagemagick

= 6.0.3
πŸ“¦
Imagemagick

Imagemagick

= 6.0.4
πŸ“¦
Imagemagick

Imagemagick

= 6.0.5
πŸ“¦
Imagemagick

Imagemagick

= 6.0.6
πŸ“¦
Imagemagick

Imagemagick

= 6.0.7
πŸ“¦
Imagemagick

Imagemagick

= 6.0.8
πŸ’»
Debian

Debian Linux

= 3.0
πŸ’»
Debian

Debian Linux

= 3.0
πŸ’»
Debian

Debian Linux

= 3.0
πŸ’»
Debian

Debian Linux

= 3.0
πŸ’»
Debian

Debian Linux

= 3.0
πŸ’»
Debian

Debian Linux

= 3.0
πŸ’»
Debian

Debian Linux

= 3.0
πŸ’»
Debian

Debian Linux

= 3.0
πŸ’»
Debian

Debian Linux

= 3.0
πŸ’»
Debian

Debian Linux

= 3.0
πŸ’»
Debian

Debian Linux

= 3.0
πŸ’»
Gentoo

Linux

All versions
πŸ’»
Suse

Suse Linux

= 8.0
πŸ’»
Suse

Suse Linux

= 8.1
πŸ’»
Suse

Suse Linux

= 8.2
πŸ’»
Suse

Suse Linux

= 9.0
πŸ’»
Suse

Suse Linux

= 9.0
πŸ’»
Suse

Suse Linux

= 9.1
πŸ’»
Suse

Suse Linux

= 9.2

References & Advisories

πŸ”— http://secunia.com/advisories/12995/
πŸ”— http://security.gentoo.org/glsa/glsa-200411-11.xml
πŸ”— http://www.imagemagick.org/www/Changelog.html
πŸ”— http://www.securityfocus.org/bid/11548
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/17903
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10472
πŸ”— https://www.ubuntu.com/usn/usn-7-1/
πŸ”— http://secunia.com/advisories/12995/

Related Vulnerabilities

CVE-2021-335649.8

An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitr...

CVE-2019-199529.8

In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGI...

CVE-2019-199489.8

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.

CVE-2014-98529.8

distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecifie...