CVE-2004-0981

Published: Feb 9, 2005Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.

Affected (36)

Products: Imagemagick: Imagemagick · Debian: Debian Linux · Gentoo: Linux · +1 more

Show all products

Imagemagick: Imagemagick · Debian: Debian Linux · Gentoo: Linux · Suse: Suse Linux

1 product

1 product

1 product

1 product

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Imagemagick Imagemagick	Version 5.3.3
Imagemagick Imagemagick	Version 5.4.3
Imagemagick Imagemagick	Version 5.4.4.5
Imagemagick Imagemagick	Version 5.4.7
Imagemagick Imagemagick	Version 5.4.8.2.1.1.0
Imagemagick Imagemagick	Version 5.4.8
Imagemagick Imagemagick	Version 5.5.3.2.1.2.0
Imagemagick Imagemagick	Version 5.5.6.0_2003-04-09
Imagemagick Imagemagick	Version 5.5.7
Imagemagick Imagemagick	Version 6.0.1
Imagemagick Imagemagick	Version 6.0.3
Imagemagick Imagemagick	Version 6.0.4
Imagemagick Imagemagick	Version 6.0.5
Imagemagick Imagemagick	Version 6.0.6
Imagemagick Imagemagick	Version 6.0.7
Imagemagick Imagemagick	Version 6.0.8
Imagemagick Imagemagick	Version 6.0

Configuration B

19 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Gentoo Linux	All versions
Suse Suse Linux	Version 8.0
Suse Suse Linux	Version 8.1
Suse Suse Linux	Version 8.2
Suse Suse Linux	Version 9.0
Suse Suse Linux	Version 9.0
Suse Suse Linux	Version 9.1
Suse Suse Linux	Version 9.2

References (14)

http://secunia.com/advisories/12995/

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200411-11.xml

Source: cve@mitre.org

http://www.imagemagick.org/www/Changelog.html

Source: cve@mitre.org

http://www.securityfocus.org/bid/11548

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/17903

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10472

Source: cve@mitre.org

https://www.ubuntu.com/usn/usn-7-1/

Source: cve@mitre.org

http://secunia.com/advisories/12995/

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200411-11.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.imagemagick.org/www/Changelog.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.org/bid/11548

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/17903

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10472

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.ubuntu.com/usn/usn-7-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.