<<< Date Index >>>     <<< Thread Index >>>

rPSA-2007-0064-1 ImageMagick



rPath Security Advisory: 2007-0064-1
Published: 2007-04-04
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
    Indirect User Deterministic Unauthorized Access
Updated Versions:
    ImageMagick=/conary.rpath.com@rpl:devel//1/6.2.3.3-3.6-1

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1797
    https://issues.rpath.com/browse/RPL-1211
    https://issues.rpath.com/browse/RPL-1205

Description:
    Previous versions of the ImageMagick package are vulnerable to two
    indirect attacks that may cause it to execute arbitrary code provided
    by an attacker when attempting to read intentionally malformed image
    files.