Vulnerability CVE-2006-3744

Vulnerability Name:

CVE-2006-3744 (CCN-28575)

Assigned:

2006-08-22

Published:

2006-08-22

Updated:

2017-10-11

Summary:

Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.

CVSS v3 Severity:

5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-189

Vulnerability Consequences:

Gain Access

References:

Source: SGI
Type: UNKNOWN
20060901-01-P

Source: CCN
Type: Gentoo Bugzilla Bug 144854
media-gfx/imagemagick: heap and stack buffer overflow (CVE-2006-374{3|4})

Source: MISC
Type: Patch
http://bugs.gentoo.org/show_bug.cgi?id=144854

Source: MITRE
Type: CNA
CVE-2006-3744

Source: CCN
Type: RHSA-2006-0633
ImageMagick security update

Source: CCN
Type: SA21615
ImageMagick XCF and Sun Rasterfile Buffer Overflows

Source: SECUNIA
Type: Patch, Vendor Advisory
21615

Source: SECUNIA
Type: Vendor Advisory
21621

Source: SECUNIA
Type: Vendor Advisory
21671

Source: SECUNIA
Type: Vendor Advisory
21679

Source: SECUNIA
Type: Vendor Advisory
21719

Source: SECUNIA
Type: Vendor Advisory
21780

Source: SECUNIA
Type: Vendor Advisory
21832

Source: SECUNIA
Type: Vendor Advisory
22036

Source: SECUNIA
Type: Vendor Advisory
22096

Source: GENTOO
Type: UNKNOWN
GLSA-200609-14

Source: CCN
Type: SECTRACK ID: 1016749
ImageMagick Integer/Buffer Overflows in Processing XCF and Sun Bitmap Images Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1016749

Source: CCN
Type: ASA-2006-206
ImageMagick security update (RHSA-2006-0633)

Source: DEBIAN
Type: UNKNOWN
DSA-1168

Source: DEBIAN
Type: DSA-1168
imagemagick -- several vulnerabilities

Source: CCN
Type: GLSA-200609-14
ImageMagick: Multiple Vulnerabilities

Source: CCN
Type: ImageMagick Web site
Introduction to ImageMagick

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:155

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:050

Source: OSVDB
Type: UNKNOWN
28204

Source: CCN
Type: OSVDB ID: 28204
ImageMagick sun.c Multiple Function Rasterfile Processing Overflow

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2006:0633

Source: CCN
Type: BID-19697
ImageMagick XCF Image File Remote Unspecified Buffer Overflow Vulnerability

Source: BID
Type: UNKNOWN
19699

Source: CCN
Type: BID-19699
ImageMagick Sun Bitmap Image File Remote Unspecified Buffer Overflow Vulnerability

Source: CCN
Type: TLSA-2007-5
Multiple buffer overflow

Source: CCN
Type: USN-340-1
imagemagick vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-340-1

Source: VUPEN
Type: Vendor Advisory
ADV-2006-3375

Source: XF
Type: UNKNOWN
imagemagick-rasterfile-bo(28574)

Source: XF
Type: UNKNOWN
imagemagick-propuserunit-bo(28575)

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-605

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11486

Source: SUSE
Type: SUSE-SA:2006:050
ImageMagick security problems

Vulnerable Configuration:

Configuration 1:

cpe:/a:imagemagick:imagemagick:6.2:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.0.4:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.0.7:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.0.8:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.1:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.1.7:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.2:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.2.5:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.3:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.3.6:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.4:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.4.5:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.5:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.6:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.7:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:*:*:*:*:*:*:*:* (Version <= 6.2.8)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20063744	V	CVE-2006-3744	2022-06-30
oval:org.opensuse.security:def:111889	P	GraphicsMagick-1.3.36-1.7 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:105468	P	GraphicsMagick-1.3.36-1.7 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:36358	P	GraphicsMagick-1.2.5-4.33.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26192	P	Security update for php72 (Important)	2021-02-17
oval:org.opensuse.security:def:26111	P	Security update for cups (Moderate)	2021-02-02
oval:org.opensuse.security:def:25983	P	Security update for openexr (Moderate)	2020-12-23
oval:org.opensuse.security:def:26586	P	libexiv2-4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27321	P	wpa_supplicant on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26333	P	Security update for redis (Moderate)	2020-12-01
oval:org.opensuse.security:def:25907	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26625	P	pam_ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27356	P	GraphicsMagick on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26484	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:25908	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26639	P	star on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26537	P	dhcp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25919	P	Security update for libplist (Moderate)	2020-12-01
oval:org.opensuse.security:def:26683	P	dbus-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26249	P	Security update for libtomcrypt (Moderate)	2020-12-01
oval:org.mitre.oval:def:11486	V	Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.	2013-04-29
oval:org.debian:def:1168	V	several vulnerabilities	2006-09-04
oval:com.redhat.rhsa:def:20060633	P	RHSA-2006:0633: ImageMagick security update (Moderate)	2006-08-24

BACK