------------------------------------------------------------ Arch Linux Security Warning ALSW 2007-#23 ------------------------------------------------------------
Name: imagemagick Date: 2007-04-03 Severity: High Warning #: 2007-#23 ------------------------------------------------------------ Product Background =================== ImageMagick is used as a suite of image manipulation tools (animate, composite, conjure, convert, display, identify, import, mogrify, and montage) which are sometimes used by other applications for processing image files. For more information about ImageMagick visit the following URL. Problem Background =================== Remote exploitation of several buffer overflow vulnerabilities in ImageMagick, allows attackers to execute arbitrary code with the credentials used for image processing. An integer overflow exists ImageMagick's handling of DCM (Digital Imaging and Communications in Medicine) format files which allows an attacker to cause a heap-based buffer overflow. This vulnerability specifically exists in the ReadDCMImage() function. Two integer overflows exists ImageMagick's handling of XWD (X Windows Dump) format files that allows an attacker to cause a heap-based buffer overflow. The vulnerabilities specifically exist in the ReadXWDImage() function. An integer overflow could occur when calculating the amount of memory to allocate for the 'colors' or 'comment' field. Impact ========= Exploitation of these vulnerabilities allows attackers to execute arbitrary code in the context of the user that started the affected program. Since the tools that are part of ImageMagick are sometimes used as helper tools by web applications, this user may be the same as the httpd user. Problem Packages =================== Package: imagemagick Repo: current Group: multimedia Unsafe: See below Safe: See below iDefense has confirmed the existence of these vulnerabilities in ImageMagick version 6.3.x. Additionally, the source code for versions 6.3.1, 6.3.2, 6.3.3-3 and 6.2.9 contain the affected code. It is suspected that earlier versions of ImageMagick are also vulnerable. The ImageMagick maintainers have addressed these vulnerabilities in version 6.3.3-5 of ImageMagick. I'm not sure that they release a 6.3.2-x version that fix these problems. I'll add a comment if I'm wrong. Package Fix =================== Upgrade to 6.3.3.6-1 =================== Unofficial ArchLinux Security Bug Tracker: http://jjdanimoth.netsons.org/alsw.html Reference(s) =================== http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496 https://issues.foresightlinux.org/browse/FL-222
signature.asc
Description: OpenPGP digital signature
_______________________________________________ arch mailing list [email protected] http://archlinux.org/mailman/listinfo/arch
