Bugtraq mailing list archives
rPSA-2007-0029-1 ImageMagick
From: rPath Update Announcements <announce-noreply () rpath com>
Date: Thu, 08 Feb 2007 18:03:19 -0500
rPath Security Advisory: 2007-0029-1 Published: 2007-02-08 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: ImageMagick=/conary.rpath.com@rpl:devel//1/6.2.3.3-3.5-1 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0770 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 https://issues.rpath.com/browse/RPL-1034 Description: The previous security update for CVE-2006-5456; a buffer overflow parsing Palm Pixmap files, was not sufficient. Previous versions of the ImageMagick package are vulnerable to Denial of Service and possibly Unauthorized Access when presented with an intentionally malformed Palm Pixmap file. The main form of remote exposure is when ImageMagick is exposed to remote users via web services.
Current thread:
- rPSA-2007-0029-1 ImageMagick rPath Update Announcements (Feb 08)