CyberSec.Space Logo
Back to CVE Browser

CVE-2008-6071

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1030%
EPSS Percentile40.57th
PublishedFeb 10, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

πŸ“¦
Graphicsmagick

Graphicsmagick

<= 1.1.13
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.0
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.0.4
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.0.6
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1.1
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1.2
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1.3
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1.4
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1.5
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1.6
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1.7
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1.8
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1.9
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1.10
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1.11
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.1.12
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.2
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.2.1
πŸ“¦
Graphicsmagick

Graphicsmagick

= 1.2.2

References & Advisories

πŸ”— http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/coders/pict.c
πŸ”— http://secunia.com/advisories/30549
πŸ”— http://sourceforge.net/project/shownotes.php?release_id=604785
πŸ”— http://sourceforge.net/project/shownotes.php?release_id=604837
πŸ”— http://sourceforge.net/project/shownotes.php?release_id=604837&group_id=73485
πŸ”— http://www.securityfocus.com/bid/29583
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/42906
πŸ”— http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/coders/pict.c

Related Vulnerabilities

CVE-2017-116369.8

GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that hav...

CVE-2017-116379.8

GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome i...

CVE-2017-111399.8

GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c.

CVE-2017-116419.8

GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent C...