Hello, I am using Kaspersky Anti-Virus 2009 and it is reporting an infection to ImageMagick which it identifies as moderately dangerous virus. The description of the virus is as follows:
http://secunia.com/advisories/35216/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ImageMagick "XMakeImage()" Integer Overflow Vulnerability Secunia ID SA35216 CVE-ID CVE-2009-1882 Release Date 27 May 2009 Last Change 04 Jun 2009 Criticality Moderately Critical Solution Status Vendor Patch Software ImageMagick 6.x Where From remote Impact DoS (Denial of Service) This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system. System access This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. Description Tielei Wang has discovered a vulnerability in ImageMagick, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an integer overflow error within the "XMakeImage()" function in magick/xwindow.c. This can be exploited to cause a buffer overflow via e.g. a specially crafted TIFF file. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 6.5.2-8. Prior versions may also be affected. Solution Update to version 6.5.2-9. Reported by Tielei Wang, ICST-ERCIS (Engineering Research Center of Info Security, Institute of Computer Science and Technology, Peking University) Original Advisory ImageMagick: http://imagemagick.org/script/changelog.php ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Can someone contact to Kaspersky to correct this false positive problem? Thanks. Regards. XueHeng _______________________________________________ Magick-developers mailing list Magick-developers@imagemagick.org http://studio.imagemagick.org/mailman/listinfo/magick-developers
