FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-0005

This CVE name corresponds to:

Entered Topic
2005-01-18 ImageMagick -- PSD handler heap overflow vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2005-0005 at cve.mitre.org

Details

Type Candidate
Name CVE-2005-0005
Phase Assigned(20050103)

Description

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.

References

Source Reference
IDEFENSE 20050117 Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability
DEBIAN DSA-646
GENTOO GLSA-200501-37
REDHAT RHSA-2005:071
BUGTRAQ 20050118 [USN-62-1] imagemagick vulnerability
REDHAT RHSA-2005:070
OVAL oval:org.mitre.oval:def:9925

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.