drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberläufe in ImageMagick
Name: |
Pufferüberläufe in ImageMagick |
|
ID: |
TLSA-2007-5 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux FUJI, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, TurboLinux Server 10, TurboLinux Server 8 |
|
Datum: |
Fr, 9. Februar 2007, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3743
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3744
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5868 |
|
Applikationen: |
ImageMagick |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2007-5 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 08 Feb 2007 Last revised: 08 Feb 2007
Package : ImageMagick
Summary : Multiple buffer overflow
More information : ImageMagick(TM) is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF and Photo CD image file formats.
Multiple buffer overflows in ImageMagick,user-assisted attackers to execute arbitrary code via crafted XCF images. Multiple integer overflows in ImageMagick, user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images. Integer overflow in the ReadSGIImage function. Multiple buffer overflows in Imagemagick has unknown impact and user-assisted attack vectors via a crafted SGI image.
Impact : These vulnerabilities may allow remote attackers to execute arbitrary code via a malformed image or video file in AVI or BMP formats.
Affected Products: - Turbolinux Appliance Server 2.0 - Turbolinux FUJI - Turbolinux 10 Server x64 Edition - Turbolinux 10 Server - Turbolinux Home - Turbolinux 10 F... - Turbolinux 10 Desktop - Turbolinux Multimedia - Turbolinux Personal - Turbolinux 8 Server
<Turbolinux Appliance Server 2.0>
Source Packages Size: MD5
ImageMagick-6.0.5-12.src.rpm 7518273 8d6c549c482b5bb5c97b0c55e8075ccd
Binary Packages Size: MD5
ImageMagick-6.0.5-12.i586.rpm 4365962 9846a0f65fec9be3d42b465556ed4509 ImageMagick-devel-6.0.5-12.i586.rpm 786270 97e1c1600b7cf9f450f7564c6e5f8339
<Turbolinux FUJI>
Source Packages Size: MD5
ImageMagick-6.2.3-5.src.rpm 6429219 435e43fecf007acda9dbe1063a748811
Binary Packages Size: MD5
ImageMagick-6.2.3-5.i686.rpm 2972843 d53a97aa1823404dddfaddc80c343ca3 ImageMagick-c++-6.2.3-5.i686.rpm 337097 11ac2396fa592c075f1923cf3ad8586f ImageMagick-devel-6.2.3-5.i686.rpm 992994 a2c1f2680cbac43541419d249765e36f ImageMagick-perl-6.2.3-5.i686.rpm 101992 f280c07605553b71932c470722e736f2
<Turbolinux 10 Server x64 Edition>
Source Packages Size: MD5
ImageMagick-6.0.5-12.src.rpm 7518273 78c9c2e771b7ee0ce88543f419c85490
Binary Packages Size: MD5
ImageMagick-6.0.5-12.x86_64.rpm 4388803 58b253bf1c08a2bab2d9aad64d58703b ImageMagick-c++-6.0.5-12.x86_64.rpm 318615 bda199bd681f920d7c57ff536077fecb ImageMagick-devel-6.0.5-12.x86_64.rpm 801913 9edbafc98e20e8b4b7568865d8239861 ImageMagick-perl-6.0.5-12.x86_64.rpm 74830 32d1826a26775102fbad88c47008e7b8
<Turbolinux 10 Server>
Source Packages Size: MD5
ImageMagick-6.0.5-12.src.rpm 7518273 8d6c549c482b5bb5c97b0c55e8075ccd
Binary Packages Size: MD5
ImageMagick-6.0.5-12.i586.rpm 4365962 9846a0f65fec9be3d42b465556ed4509 ImageMagick-devel-6.0.5-12.i586.rpm 786270 97e1c1600b7cf9f450f7564c6e5f8339
<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>
Source Packages Size: MD5
ImageMagick-6.0.5-12.src.rpm 7518273 f0fabbe1fe5a878a72fbc16cb702c902
Binary Packages Size: MD5
ImageMagick-6.0.5-12.i586.rpm 4373588 e210d4b1ee1c506226cb2d70e69997d3 ImageMagick-devel-6.0.5-12.i586.rpm 784758 2c44585b55c85832090708423712dbd7
<Turbolinux 8 Server>
Source Packages Size: MD5
ImageMagick-5.4.7-8.src.rpm 3622245 d90ae692343bc7dc97d47a5fe8ff005b
Binary Packages Size: MD5
ImageMagick-5.4.7-8.i586.rpm 3213142 25eddfd8aa73a6e44e02598f7626ee2a ImageMagick-c++-5.4.7-8.i586.rpm 1392832 6a00cc2e2fd46312d9307de50a71c878 ImageMagick-devel-5.4.7-8.i586.rpm 856289 c34bdd842b5d7078713d1c867dc14727 ImageMagick-perl-5.4.7-8.i586.rpm 60734 2d961e5b6a9f494d522223550bb60a1e
References:
CVE [CVE-2006-3743] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3743 [CAN-2006-3744] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-3744 [CVE-2006-4144] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4144 [CVE-2006-5456] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 [CVE-2006-5868] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5868
-------------------------------------------------------------------------- Revision History 08 Feb 2007 Initial release --------------------------------------------------------------------------
Copyright(C) 2007 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFFyxMEK0LzjOqIJMwRArhuAKCinikhdTMniKxOGKMXh5OtDszNxgCeOAya DX74jzkm5jobwcrAqVS2MTk= =wcxV -----END PGP SIGNATURE-----
|
|
|
|