rPSA-2007-0064-1 ImageMagick
rPath Security Advisory: 2007-0064-1
Published: 2007-04-04
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access
Updated Versions:
ImageMagick=/conary.rpath.com@rpl:devel//1/6.2.3.3-3.6-1
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1797
https://issues.rpath.com/browse/RPL-1211
https://issues.rpath.com/browse/RPL-1205
Description:
Previous versions of the ImageMagick package are vulnerable to two
indirect attacks that may cause it to execute arbitrary code provided
by an attacker when attempting to read intentionally malformed image
files.