drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberläufe in ImageMagick
| Name: |
Pufferüberläufe in ImageMagick |
|
| ID: |
TLSA-2007-5 |
|
| Distribution: |
TurboLinux |
|
| Plattformen: |
Turbolinux FUJI, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, TurboLinux Server 10, TurboLinux Server 8 |
|
| Datum: |
Fr, 9. Februar 2007, 03:50 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3743
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3744
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5868 |
|
| Applikationen: |
ImageMagick |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2007-5
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date: 08 Feb 2007
Last revised: 08 Feb 2007
Package : ImageMagick
Summary : Multiple buffer overflow
More information :
ImageMagick(TM) is an image display and manipulation tool for the X Window
System.
ImageMagick can read and write JPEG, TIFF, PNM, GIF and Photo CD image file
formats.
Multiple buffer overflows in ImageMagick,user-assisted attackers to execute
arbitrary
code via crafted XCF images.
Multiple integer overflows in ImageMagick, user-assisted attackers to
execute arbitrary
code via crafted Sun Rasterfile (bitmap) images.
Integer overflow in the ReadSGIImage function.
Multiple buffer overflows in Imagemagick has unknown impact and
user-assisted attack
vectors via a crafted SGI image.
Impact :
These vulnerabilities may allow remote attackers to execute arbitrary code
via a
malformed image or video file in AVI or BMP formats.
Affected Products:
- Turbolinux Appliance Server 2.0
- Turbolinux FUJI
- Turbolinux 10 Server x64 Edition
- Turbolinux 10 Server
- Turbolinux Home
- Turbolinux 10 F...
- Turbolinux 10 Desktop
- Turbolinux Multimedia
- Turbolinux Personal
- Turbolinux 8 Server
<Turbolinux Appliance Server 2.0>
Source Packages
Size: MD5
ImageMagick-6.0.5-12.src.rpm
7518273 8d6c549c482b5bb5c97b0c55e8075ccd
Binary Packages
Size: MD5
ImageMagick-6.0.5-12.i586.rpm
4365962 9846a0f65fec9be3d42b465556ed4509
ImageMagick-devel-6.0.5-12.i586.rpm
786270 97e1c1600b7cf9f450f7564c6e5f8339
<Turbolinux FUJI>
Source Packages
Size: MD5
ImageMagick-6.2.3-5.src.rpm
6429219 435e43fecf007acda9dbe1063a748811
Binary Packages
Size: MD5
ImageMagick-6.2.3-5.i686.rpm
2972843 d53a97aa1823404dddfaddc80c343ca3
ImageMagick-c++-6.2.3-5.i686.rpm
337097 11ac2396fa592c075f1923cf3ad8586f
ImageMagick-devel-6.2.3-5.i686.rpm
992994 a2c1f2680cbac43541419d249765e36f
ImageMagick-perl-6.2.3-5.i686.rpm
101992 f280c07605553b71932c470722e736f2
<Turbolinux 10 Server x64 Edition>
Source Packages
Size: MD5
ImageMagick-6.0.5-12.src.rpm
7518273 78c9c2e771b7ee0ce88543f419c85490
Binary Packages
Size: MD5
ImageMagick-6.0.5-12.x86_64.rpm
4388803 58b253bf1c08a2bab2d9aad64d58703b
ImageMagick-c++-6.0.5-12.x86_64.rpm
318615 bda199bd681f920d7c57ff536077fecb
ImageMagick-devel-6.0.5-12.x86_64.rpm
801913 9edbafc98e20e8b4b7568865d8239861
ImageMagick-perl-6.0.5-12.x86_64.rpm
74830 32d1826a26775102fbad88c47008e7b8
<Turbolinux 10 Server>
Source Packages
Size: MD5
ImageMagick-6.0.5-12.src.rpm
7518273 8d6c549c482b5bb5c97b0c55e8075ccd
Binary Packages
Size: MD5
ImageMagick-6.0.5-12.i586.rpm
4365962 9846a0f65fec9be3d42b465556ed4509
ImageMagick-devel-6.0.5-12.i586.rpm
786270 97e1c1600b7cf9f450f7564c6e5f8339
<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux
Multimedia, Turbolinux Personal>
Source Packages
Size: MD5
ImageMagick-6.0.5-12.src.rpm
7518273 f0fabbe1fe5a878a72fbc16cb702c902
Binary Packages
Size: MD5
ImageMagick-6.0.5-12.i586.rpm
4373588 e210d4b1ee1c506226cb2d70e69997d3
ImageMagick-devel-6.0.5-12.i586.rpm
784758 2c44585b55c85832090708423712dbd7
<Turbolinux 8 Server>
Source Packages
Size: MD5
ImageMagick-5.4.7-8.src.rpm
3622245 d90ae692343bc7dc97d47a5fe8ff005b
Binary Packages
Size: MD5
ImageMagick-5.4.7-8.i586.rpm
3213142 25eddfd8aa73a6e44e02598f7626ee2a
ImageMagick-c++-5.4.7-8.i586.rpm
1392832 6a00cc2e2fd46312d9307de50a71c878
ImageMagick-devel-5.4.7-8.i586.rpm
856289 c34bdd842b5d7078713d1c867dc14727
ImageMagick-perl-5.4.7-8.i586.rpm
60734 2d961e5b6a9f494d522223550bb60a1e
References:
CVE
[CVE-2006-3743]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3743
[CAN-2006-3744]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-3744
[CVE-2006-4144]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4144
[CVE-2006-5456]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456
[CVE-2006-5868]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5868
--------------------------------------------------------------------------
Revision History
08 Feb 2007 Initial release
--------------------------------------------------------------------------
Copyright(C) 2007 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFFyxMEK0LzjOqIJMwRArhuAKCinikhdTMniKxOGKMXh5OtDszNxgCeOAya
DX74jzkm5jobwcrAqVS2MTk=
=wcxV
-----END PGP SIGNATURE-----
|
|
|
|
