CVE-2008-1097 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2008-1097 Interim 1 11 2023-12-09T02:10:49Z current 2021-05-30T12:41:51Z 2023-12-09T02:10:49Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2008-1097 Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UKEEZOQBUGSSIL6IJ7JPSKKZ6KMBMRQV/#UKEEZOQBUGSSIL6IJ7JPSKKZ6KMBMRQV E-Mail link for SUSE-SR:2008:014 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 openSUSE Tumbleweed GraphicsMagick-1.2.5-4.33.1 GraphicsMagick-1.3.36-1.7 GraphicsMagick-devel-1.3.36-1.7 libGraphicsMagick++-Q16-12-1.3.36-1.7 libGraphicsMagick++-devel-1.3.36-1.7 libGraphicsMagick-Q16-3-1.3.36-1.7 libGraphicsMagick2-1.2.5-4.33.1 libGraphicsMagick3-config-1.3.36-1.7 libGraphicsMagickWand-Q16-2-1.3.36-1.7 perl-GraphicsMagick-1.2.5-4.33.1 perl-GraphicsMagick-1.3.36-1.7 GraphicsMagick-1.2.5-4.33.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libGraphicsMagick2-1.2.5-4.33.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 perl-GraphicsMagick-1.2.5-4.33.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 GraphicsMagick-1.3.36-1.7 as a component of openSUSE Tumbleweed GraphicsMagick-devel-1.3.36-1.7 as a component of openSUSE Tumbleweed libGraphicsMagick++-Q16-12-1.3.36-1.7 as a component of openSUSE Tumbleweed libGraphicsMagick++-devel-1.3.36-1.7 as a component of openSUSE Tumbleweed libGraphicsMagick-Q16-3-1.3.36-1.7 as a component of openSUSE Tumbleweed libGraphicsMagick3-config-1.3.36-1.7 as a component of openSUSE Tumbleweed libGraphicsMagickWand-Q16-2-1.3.36-1.7 as a component of openSUSE Tumbleweed perl-GraphicsMagick-1.3.36-1.7 as a component of openSUSE Tumbleweed Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption. CVE-2008-1097 SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.33.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.33.1 SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.33.1 openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7 openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7 openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7 openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7 openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7 openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7 openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7 openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P