Giuseppe Iuculano
2009-May-28 07:12 UTC
[Secure-testing-team] Bug#530838: [SA35216] ImageMagick "XMakeImage()" Integer Overflow Vulnerability
Package: imagemagick Severity: serious Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, The following SA (Secunia Advisory) id was published for imagemagick: SA35216[0]:> DESCRIPTION: > Tielei Wang has discovered a vulnerability in ImageMagick, which can > be exploited by malicious people to potentially compromise a user''s > system. > > The vulnerability is caused due to an integer overflow error within > the "XMakeImage()" function in magick/xwindow.c. This can be > exploited to cause a buffer overflow via e.g. a specially crafted > TIFF file. > > Successful exploitation may allow execution of arbitrary code. > > The vulnerability is confirmed in version 6.5.2-8. Prior versions may > also be affected. > > SOLUTION: > Update to version 6.5.2-9. > > PROVIDED AND/OR DISCOVERED BY: > Tielei Wang, ICST-ERCIS (Engineering Research Center of Info > Security, Institute of Computer Science and Technology, Peking > University) > > ORIGINAL ADVISORY: > ImageMagick: > http://imagemagick.org/script/changelog.phpIf you fix the vulnerability please also make sure to include the CVE id (if will be available) in the changelog entry. [0]http://secunia.com/advisories/35216/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkoeOU8ACgkQNxpp46476apsTACfeXUukW4HpJRAEzEv/EuPfOHZ 8sIAn2iR9jkY0FdIPJVJ6ewcY3UB853d =yTEV -----END PGP SIGNATURE-----