|Category:||Mandrake Local Security Checks|
|Title:||Mandriva Security Advisory MDVSA-2012:077 (imagemagick)|
The remote host is missing an update to imagemagick
announced via advisory MDVSA-2012:077.
Multiple vulnerabilities has been found and corrected in imagemagick:
Untrusted search path vulnerability in configure.c in ImageMagick
before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows
local users to gain privileges via a Trojan horse configuration file
in the current working directory (CVE-2010-4167).
A flaw was found in the way ImageMagick processed images with malformed
Exchangeable image file format (Exif) metadata. An attacker could
create a specially-crafted image file that, when opened by a victim,
would cause ImageMagick to crash or, potentially, execute arbitrary
A denial of service flaw was found in the way ImageMagick processed
images with malformed Exif metadata. An attacker could create a
specially-crafted image file that, when opened by a victim, could
cause ImageMagick to enter an infinite loop (CVE-2012-0248).
The original fix for CVE-2012-0247 failed to check for the possibility
of an integer overflow when computing the sum of number_bytes and
offset. This resulted in a wrap around into a value smaller than
length, making original CVE-2012-0247 introduced length check still
to be possible to bypass, leading to memory corruption (CVE-2012-1185).
An integer overflow flaw was found in the way ImageMagick processed
certain Exif tags with a large components count. An attacker
could create a specially-crafted image file that, when opened by a
victim, could cause ImageMagick to access invalid memory and crash
A denial of service flaw was found in the way ImageMagick decoded
certain JPEG images. A remote attacker could provide a JPEG image with
specially-crafted sequences of RST0 up to RST7 restart markers (used
to indicate the input stream to be corrupted), which once processed
by ImageMagick, would cause it to consume excessive amounts of memory
and CPU time (CVE-2012-0260).
An out-of-bounds buffer read flaw was found in the way ImageMagick
processed certain TIFF image files. A remote attacker could provide
a TIFF image with a specially-crafted Exif IFD value (the set of tags
for recording Exif-specific attribute information), which once opened
by ImageMagick, would cause it to crash (CVE-2012-1798).
The updated packages have been patched to correct these issues.
Affected: 2010.1, Enterprise Server 5.0
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
Risk factor : High
Common Vulnerability Exposure (CVE) ID: CVE-2010-4167|
BugTraq ID: 45044
RedHat Security Advisories: RHSA-2012:0544
Common Vulnerability Exposure (CVE) ID: CVE-2012-0247
Debian Security Information: DSA-2427 (Google Search)
RedHat Security Advisories: RHSA-2012:0545
Common Vulnerability Exposure (CVE) ID: CVE-2012-0248
BugTraq ID: 51957
Common Vulnerability Exposure (CVE) ID: CVE-2012-1185
Debian Security Information: DSA-2462 (Google Search)
SuSE Security Announcement: openSUSE-SU-2012:0692 (Google Search)
XForce ISS Database: imagemagick-profile-code-execution(76140)
Common Vulnerability Exposure (CVE) ID: CVE-2012-0259
BugTraq ID: 52898
XForce ISS Database: imagemagick-jpegexif-dos(74657)
Common Vulnerability Exposure (CVE) ID: CVE-2012-0260
XForce ISS Database: imagemagick-jpegwarninghandler-dos(74658)
Common Vulnerability Exposure (CVE) ID: CVE-2012-1798
XForce ISS Database: imagemagick-tiffexififd-dos(74659)
|Copyright||Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.