CVE-2004-0817

Published Dec 31, 2004
Last updated 8 days ago
CVSS info 7.5
Overview

Description: Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
Source: cve@mitre.org
NVD status: Modified
Products: imlib, imlib2, imagemagick, java_desktop_system, linux, mandrake_linux, mandrake_linux_corporate_server, enterprise_linux, enterprise_linux_desktop, fedora_core, linux_advanced_workstation, suse_linux, turbolinux_desktop, turbolinux_server, turbolinux_workstation, ubuntu_linux
Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: NVD-CWE-Other
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
            "matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
            "matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
            "matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
            "matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
            "matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
            "matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
            "matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
            "matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
            "matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
            "matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
            "matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
            "matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
            "matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
            "matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
            "matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
            "matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
            "matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
            "matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
            "matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
            "matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
            "matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
            "matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
            "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
            "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
            "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
            "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
            "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
            "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
            "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
            "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
            "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
            "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
            "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
            "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
            "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
            "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
            "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
            "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
            "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
            "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

Related CVEs

References
