Vulnerability Name:

CVE-2009-1882 (CCN-50804)

Assigned:2009-05-23
Published:2009-05-23
Updated:2018-10-10
Summary:Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow.
Note: some of these details are obtained from third party information.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-189
CWE-190
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2009-1882

Source: CCN
Type: ImageMagick Web site
Check for XMakeImage() integer overflow vulnerability

Source: CONFIRM
Type: UNKNOWN
http://imagemagick.org/script/changelog.php

Source: FEDORA
Type: UNKNOWN
FEDORA-2010-0036

Source: FEDORA
Type: UNKNOWN
FEDORA-2010-0001

Source: SUSE
Type: UNKNOWN
SUSE-SR:2009:012

Source: CONFIRM
Type: UNKNOWN
http://mirror1.smudge-it.co.uk/imagemagick/www/changelog.html

Source: OSVDB
Type: UNKNOWN
54729

Source: CCN
Type: RHSA-2010-0652
Moderate: ImageMagick security and bug fix update

Source: CCN
Type: RHSA-2010-0653
Moderate: ImageMagick security update

Source: CCN
Type: SA35216
ImageMagick "XMakeImage()" Integer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
35216

Source: SECUNIA
Type: UNKNOWN
35382

Source: SECUNIA
Type: UNKNOWN
35685

Source: SECUNIA
Type: UNKNOWN
36260

Source: SECUNIA
Type: UNKNOWN
37959

Source: CCN
Type: SA38472
GraphicsMagick Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
55721

Source: GENTOO
Type: UNKNOWN
GLSA-201311-10

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/Advisories:rPSA-2010-0074

Source: DEBIAN
Type: UNKNOWN
DSA-1858

Source: DEBIAN
Type: DSA-1858
imagemagick -- multiple vulnerabilities

Source: DEBIAN
Type: DSA-1903
graphicsmagick -- several vulnerabilities

Source: CCN
Type: GLSA-201006-03
ImageMagick: User-assisted execution of arbitrary code

Source: CCN
Type: GraphicsMagick Web site
GraphicsMagick News

Source: MLIST
Type: UNKNOWN
[oss-security] 20090608 Re: CVE Request -- ImageMagick -- Integer overflow in XMakeImage()

Source: CCN
Type: OSVDB ID: 54729
ImageMagick magick/xwindow.c XMakeImage() Function TIFF File Handling Overflow

Source: BUGTRAQ
Type: UNKNOWN
20101027 rPSA-2010-0074-1 ImageMagick

Source: BID
Type: UNKNOWN
35111

Source: CCN
Type: BID-35111
ImageMagick TIFF File Integer Overflow Vulnerability

Source: CCN
Type: USN-784-1
ImageMagick vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2009-1449

Source: XF
Type: UNKNOWN
imagemagick-xmakeimage-overflow(50804)

Source: UBUNTU
Type: UNKNOWN
USN-784-1

Source: SUSE
Type: SUSE-SR:2009:012
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:imagemagick:imagemagick:6.5.2-8:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:imagemagick:imagemagick:6.5.2-8:*:*:*:*:*:*:*
  • OR cpe:/a:graphicsmagick:graphicsmagick:1.3.8:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06:*:lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04:*:lts:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20091882
    V
    		CVE-2009-1882
    2022-06-30
    oval:org.opensuse.security:def:111888
    P
    		GraphicsMagick-1.3.25-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:32286
    P
    		Security update for MozillaFirefox (Important) (in QA)
    2022-01-14
    oval:org.opensuse.security:def:32229
    P
    		Security update for ruby2.1 (Important)
    2021-12-01
    oval:org.opensuse.security:def:105467
    P
    		GraphicsMagick-1.3.25-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:32136
    P
    		Security update for arpwatch (Important)
    2021-06-28
    oval:org.opensuse.security:def:29364
    P
    		Security update for graphviz (Critical)
    2021-05-19
    oval:org.opensuse.security:def:32002
    P
    		Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:27907
    P
    		Security update for Xen
    2020-12-01
    oval:org.opensuse.security:def:32739
    P
    		libxml2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28591
    P
    		Security update for OpenSSH
    2020-12-01
    oval:org.opensuse.security:def:27982
    P
    		Security update for MozillaFirefox, MozillaFirefox-branding-SLE and mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:33416
    P
    		Security update for ImageMagick
    2020-12-01
    oval:org.opensuse.security:def:28646
    P
    		Security update for compat-openssl097g (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32529
    P
    		gzip on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28196
    P
    		Security update for libevent (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31917
    P
    		Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29328
    P
    		Security update for compat-openssl097g (Important)
    2020-12-01
    oval:org.opensuse.security:def:32634
    P
    		apache2-mod_perl on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28337
    P
    		Security update for php53 (Important)
    2020-12-01
    oval:org.opensuse.security:def:27906
    P
    		Security update for Xen
    2020-12-01
    oval:org.opensuse.security:def:32695
    P
    		krb5-doc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28542
    P
    		Security update for pidgin
    2020-12-01
    oval:org.opensuse.security:def:27918
    P
    		Security update for xorg-x11-libXext
    2020-12-01
    oval:org.opensuse.security:def:33377
    P
    		Security update for compat-openssl097g
    2020-12-01
    oval:org.opensuse.security:def:28630
    P
    		Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:32373
    P
    		Security update for tcpdump (Important)
    2020-12-01
    oval:org.opensuse.security:def:28112
    P
    		Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:31916
    P
    		Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28690
    P
    		Security update for foomatic-filters (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32585
    P
    		openssh on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28253
    P
    		Security update for libxml2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31928
    P
    		Security update for giflib (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32673
    P
    		glibc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28489
    P
    		Security update for curl (Important)
    2020-12-01
    oval:org.mitre.oval:def:8206
    P
    		DSA-1858 imagemagick -- multiple vulnerabilities
    2015-02-23
    oval:org.mitre.oval:def:13308
    P
    		DSA-1858-1 imagemagick -- multiple
    2015-02-23
    oval:org.mitre.oval:def:13868
    P
    		USN-784-1 -- imagemagick vulnerability
    2014-06-30
    oval:org.mitre.oval:def:7485
    P
    		DSA-1903 graphicsmagick -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:19472
    P
    		DSA-1903-1 graphicsmagick - several
    2014-06-23
    oval:org.mitre.oval:def:22919
    P
    		ELSA-2010:0652: ImageMagick security and bug fix update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:22206
    P
    		RHSA-2010:0652: ImageMagick security and bug fix update (Moderate)
    2014-02-24
    oval:com.redhat.rhsa:def:20100652
    P
    		RHSA-2010:0652: ImageMagick security and bug fix update (Moderate)
    2010-08-25
    oval:com.redhat.rhsa:def:20100653
    P
    		RHSA-2010:0653: ImageMagick security update (Moderate)
    2010-08-25
    oval:org.debian:def:1903
    V
    		several vulnerabilities
    2009-10-07
    oval:org.debian:def:1858
    V
    		multiple vulnerabilities
    2009-08-10
    BACK
    imagemagick imagemagick 6.5.2-8
    imagemagick imagemagick 6.5.2-8
    graphicsmagick graphicsmagick 1.3.8
    gentoo linux *
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    canonical ubuntu 6.06
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.1 x86_64
    mandrakesoft mandrake linux 2008.1
    canonical ubuntu 8.04
    mandriva linux 2009.0
    mandriva linux 2009.0 -
    debian debian linux 5.0
    mandriva linux 2009.1
    mandriva linux 2009.1
    mandriva enterprise server 5
    mandriva enterprise server 5