VDB
CVE-2008-3134
CVE-2008-3134
PUBLISHED
CVSS 5 MEDIUM
Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.
EPSS 1.74% · 82.8th percentile
Risk Scores
CVSS v2.0
5
EPSS Score
1.74%
82.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| graphicsmagick | graphicsmagick | 1.2, 1.0, 1.0.4 |
| n/a | n/a | * |
Timeline
- Jul 10, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 24, 2023 EPSS Score
- Jul 15, 2023 EPSS Score
- Sep 6, 2023 EPSS Score
References
- 30879 third-party-advisory
- 1020413 vdb
- graphicsmagick-multiple-dos(43511) vdb
- ADV-2008-1984 vdb
- http://sourceforge.net/project/shownotes.php?release_id=610253 url
- SUSE-SR:2008:020 vendor-advisory
- graphicsmagick-getimagecharacteristics-dos(43513) vdb
- 32151 third-party-advisory
- http://sourceforge.net/forum/forum.php?forum_id=841176 url
- 30055 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2008-3134 advisory