CVE-2005-0005

NONE EPSS 90.1%
Published May 2, 2005 (21y ago) · Modified Jun 16, 2026 (2w ago)

Description

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.

Threat Intelligence

EPSS Exploit Probability
90.1% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Affected Products 57

Vendor          Product         Version   Range
graphicsmagick  graphicsmagick  1.0       any
graphicsmagick  graphicsmagick  1.0.6     any
graphicsmagick  graphicsmagick  1.1       any
graphicsmagick  graphicsmagick  1.1.3     any
graphicsmagick  graphicsmagick  1.1.4     any
imagemagick     imagemagick     5.3.3     any
imagemagick     imagemagick     5.4.3     any
imagemagick     imagemagick     5.4.7     any
imagemagick     imagemagick     6.0       any
imagemagick     imagemagick     6.0.1     any
imagemagick     imagemagick     6.0.2     any
imagemagick     imagemagick     6.0.2.5   any
imagemagick     imagemagick     6.0.3     any
imagemagick     imagemagick     6.0.4     any
imagemagick     imagemagick     6.0.5     any
imagemagick     imagemagick     6.0.6     any
imagemagick     imagemagick     6.0.7     any
imagemagick     imagemagick     6.0.8     any
imagemagick     imagemagick     6.1       any
imagemagick     imagemagick     6.1.1.6   any
imagemagick     imagemagick     6.1.2     any
imagemagick     imagemagick     6.1.3     any
imagemagick     imagemagick     6.1.4     any
imagemagick     imagemagick     6.1.5     any
imagemagick     imagemagick     6.1.6     any
imagemagick     imagemagick     6.1.7     any
imagemagick     imagemagick     6.2       any
imagemagick     imagemagick     6.2.0.4   any
imagemagick     imagemagick     6.2.0.7   any
sgi             propack         3.0       any
debian          debian_linux    3.0       any
debian          debian_linux    3.0       any
debian          debian_linux    3.0       any
debian          debian_linux    3.0       any
debian          debian_linux    3.0       any
debian          debian_linux    3.0       any
debian          debian_linux    3.0       any
debian          debian_linux    3.0       any
debian          debian_linux    3.0       any
debian          debian_linux    3.0       any
debian          debian_linux    3.0       any
gentoo          linux           0.5       any
gentoo          linux           0.7       any
gentoo          linux           1.1a      any
gentoo          linux           1.2       any
gentoo          linux           1.4       any
gentoo          linux           1.4       any
gentoo          linux           1.4       any
gentoo          linux           1.4       any
suse            suse_linux      8.0       any
suse            suse_linux      8.0       any
suse            suse_linux      8.1       any
suse            suse_linux      8.2       any
suse            suse_linux      9.0       any
suse            suse_linux      9.0       any
suse            suse_linux      9.1       any
suse            suse_linux      9.2       any

References 7

  • marc.info http://marc.info/?l=bugtraq&m=110608222117215&w=2
  • debian.org http://www.debian.org/security/2005/dsa-646
    Patch, Vendor Advisory
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml
  • idefense.com http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities
    Exploit
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-070.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-071.html
    Patch
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925

Remediation

  • debian.org http://www.debian.org/security/2005/dsa-646
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-071.html
    Patch