Unrated severity · NVD Advisory · Published Sep 24, 2007 · Updated Apr 23, 2026

CVE-2007-4987

Description

ImageMagick off-by-one in ReadBlobString allows arbitrary code execution via crafted image file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

An off-by-one error exists in the ReadBlobString function in blob.c in ImageMagick before version 6.3.5-9. When processing a specially crafted image file, the function writes a '\0' character to an out-of-bounds address, leading to memory corruption. The vulnerability is context-dependent and can be triggered by any image file that reaches this code path [1].
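The bug class described above, as an added illustration that is not ImageMagick's code: a simplified line reader whose terminator can land one byte past the buffer, beside a bounded version. All names (`Blob`, `read_line_off_by_one`, `read_line_bounded`, `guard_intact`) and the 8-byte capacity are assumptions made for the example.

```c
#include <stddef.h>

#define CAP 8        /* logical buffer size handed to the reader (constructed) */
#define GUARD 0x5A   /* marker byte stored just past the logical buffer */

/* Constructed in-memory input standing in for image file data. */
typedef struct { const char *data; size_t len, pos; } Blob;
typedef size_t (*LineReader)(Blob *, char *, size_t);

static int blob_getc(Blob *b) { return b->pos < b->len ? (unsigned char)b->data[b->pos++] : -1; }

/* Off-by-one: the loop may fill all `cap` bytes, so '\0' lands at s[cap]. */
size_t read_line_off_by_one(Blob *b, char *s, size_t cap) {
    size_t i;
    for (i = 0; i < cap; i++) {
        int c = blob_getc(b);
        if (c < 0 || c == '\n') break;
        s[i] = (char)c;
    }
    s[i] = '\0';
    return i;
}

/* Corrected pattern: stop at cap - 1 so the terminator always fits. */
size_t read_line_bounded(Blob *b, char *s, size_t cap) {
    size_t i;
    if (cap == 0) return 0;
    for (i = 0; i + 1 < cap; i++) {
        int c = blob_getc(b);
        if (c < 0 || c == '\n') break;
        s[i] = (char)c;
    }
    s[i] = '\0';
    return i;
}

/* Runs a reader with a guard byte at mem[CAP]; the backing array is CAP + 1
   bytes, so the stray write is observable. Returns 1 if the guard survives. */
int guard_intact(LineReader rd, const char *input, size_t len) {
    char mem[CAP + 1];
    Blob b = { input, len, 0 };
    mem[CAP] = GUARD;
    rd(&b, mem, CAP);
    return mem[CAP] == GUARD;
}

int main(void) {   /* constructed input: 12 bytes, no newline */
    return guard_intact(read_line_bounded, "AAAAAAAAAAAA", 12) ? 0 : 1;
}
```

Only input with no line terminator within the first `CAP` bytes reaches the stray write, which is why short, well-formed lines never expose the defect.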

Exploitation

An attacker needs to supply a malicious image file that a user or automated system then processes with ImageMagick. No authentication or particular network position is required beyond delivering the file (e.g., via email attachment, website upload, or automated batch processing). When the file is loaded, the ReadBlobString function copies a string with an off-by-one error, writing a null byte beyond the allocated buffer boundary [4].

Impact

Successful exploitation allows a remote attacker to execute arbitrary code with the privileges of the user running ImageMagick. This can result in complete compromise of confidentiality, integrity, and availability of the affected system [4].

Mitigation

The issue is fixed in ImageMagick version 6.3.5-9. Users should update to this version or later. Ubuntu released an update (USN-523-1) on 3 October 2007 addressing this and related vulnerabilities [4]. No known workarounds are available; applying the patch is the only effective mitigation.

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

59
    • cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.4.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.4.8.2_1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.5.3_.2_1.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_20030409:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:5.5.7.15:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.0.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.0.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.0.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.2.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.3.3_3:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.3.3_5:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.3.3_6:*:*:*:*:*:*:*
    • cpe:2.3:a:imagemagick:imagemagick:6.3.4:*:*:*:*:*:*:*
    • (no CPE) range: <6.3.5-9

Patches

0

No patches discovered yet.

References

22
