Full Disclosure mailing list archives
rPSA-2007-0064-1 ImageMagick
From: rPath Update Announcements <announce-noreply () rpath com>
Date: Wed, 04 Apr 2007 04:24:33 -0400
rPath Security Advisory: 2007-0064-1 Published: 2007-04-04 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: ImageMagick=/conary.rpath.com@rpl:devel//1/6.2.3.3-3.6-1 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1797 https://issues.rpath.com/browse/RPL-1211 https://issues.rpath.com/browse/RPL-1205 Description: Previous versions of the ImageMagick package are vulnerable to two indirect attacks that may cause it to execute arbitrary code provided by an attacker when attempting to read intentionally malformed image files. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- rPSA-2007-0064-1 ImageMagick rPath Update Announcements (Apr 04)