Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

rPSA-2007-0064-1 ImageMagick

From: rPath Update Announcements <announce-noreply () rpath com>
Date: Wed, 04 Apr 2007 04:24:33 -0400
rPath Security Advisory: 2007-0064-1
Published: 2007-04-04
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
    Indirect User Deterministic Unauthorized Access
Updated Versions:
    ImageMagick=/conary.rpath.com@rpl:devel//1/6.2.3.3-3.6-1

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1797
    https://issues.rpath.com/browse/RPL-1211
    https://issues.rpath.com/browse/RPL-1205

Description:
    Previous versions of the ImageMagick package are vulnerable to two
    indirect attacks that may cause it to execute arbitrary code provided
    by an attacker when attempting to read intentionally malformed image
    files.
Previous By Date Next
Previous By Thread Next

Current thread: