Alerts This Week
Warning Icon 1 914
Alerts This Week
Warning Icon 1 914

Debian: DSA-1903-1 Critical: GraphicsMagick DoS And Code Execution

debian
Calendar Grey October 7, 2009
Debian Logo
A variety of security flaws in GraphicsMagick may result in Denial of Service (DoS) or unauthorized code execution. Users are advised to apply the latest updates.
Several vulnerabilities have been discovered in graphicsmagick, a collection of image processing tool, which can lead to the execution of arbitrary code, exposure of sensitive info...
Topics%20covered

Topics Covered

security advisory denial of service critical code execution graphicsmagick

Summary

Several vulnerabilities have been discovered in graphicsmagick, a
collection of image processing tool, which can lead to the execution
of arbitrary code, exposure of sensitive information or cause DoS.
The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2007-1667

Multiple integer overflows in XInitImage function in xwd.c for
GraphicsMagick, allow user-assisted remote attackers to cause a
denial of service (crash) or obtain sensitive information via
crafted images with large or negative values that trigger a
buffer overflow. It only affects the oldstable distribution (etch).

CVE-2007-1797

Multiple integer overflows allow remote attackers to execute arbitrary
code via a crafted DCM image, or the colors or comments field in a
crafted XWD image. It only affects the oldstable distribution (etch).

CVE-2007-4985

A crafted image file can trigger an infinite loop in the ReadDCMImage
function or in the ReadXCFImage function. It only affects the oldstable
...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: graphicsmagick

Topics%20covered

Topics Covered

security advisory denial of service critical code execution graphicsmagick

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here