Debian: DSA-1858-1 Moderate: Imagemagick Code Execution Threat
debian
August 10, 2009
Several vulnerabilities have been discovered in the imagemagick image manipulation programs which can lead to the execution of arbitrary code, exposure of sensitive information or ...
Summary
Several vulnerabilities have been discovered in the imagemagick image
manipulation programs which can lead to the execution of arbitrary code,
exposure of sensitive information or cause DoS. The Common Vulnerabilities
and Exposures project identifies the following problems:
CVE-2007-1667
Multiple integer overflows in XInitImage function in xwd.c for
ImageMagick, allow user-assisted remote attackers to cause a denial of
service (crash) or obtain sensitive information via crafted images with
large or negative values that trigger a buffer overflow. It only affects
the oldstable distribution (etch).
CVE-2007-1797
Multiple integer overflows allow remote attackers to execute arbitrary
code via a crafted DCM image, or the colors or comments field in a
crafted XWD image. It only affects the oldstable distribution (etch).
CVE-2007-4985
A crafted image file can trigger an infinite loop in the ReadDCMImage
function or in the ReadXCFImage function. It only affects the oldstable
...
PREVIOUS
NEXT
Package: imagemagick
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!