CVE-2007-0770
imagemagick
EPSS 7.1%
Description
Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456.
How to fix CVE-2007-0770
To remediate CVE-2007-0770, upgrade the affected package to a fixed version below.
- Debian/graphicsmagick—upgrade to 1.1.7-12 or later
- Debian/imagemagick—upgrade to 7:6.2.4.5.dfsg1-0.14 or later
- —upgrade to 6:6.0.6.2-2.9 or later
- —upgrade to 6:6.0.6.2-2.9 or later
Is CVE-2007-0770 being exploited?
Moderate — EPSS is 7.1%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (4)
- from 0, < 1.1.7-12
- from 0, < 7:6.2.4.5.dfsg1-0.14
- from 0, < 6:6.0.6.2-2.9
- from 0, < 6:6.0.6.2-2.9