|
Family: Red Hat Local Security Checks --> Category: infos
RHSA-2004-480: ImageMagick Vulnerability Scan
Vulnerability Scan Summary Check for the version of the ImageMagick packages
Detailed Explanation for this Vulnerability Test
Updated ImageMagick packages that fix a BMP loader vulnerability are now
available.
ImageMagick(TM) is an image display and manipulation tool for the X Window
System.
A heap overflow flaw has been discovered in the ImageMagick image handler.
A possible hacker could create a carefully crafted BMP file in such a way that it
could cause ImageMagick to execute arbitrary code when processing the
image. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2004-0827 to this issue.
Users of ImageMagick should upgrade to this updated package, which contains
a backported patch, and is not vulnerable to this issue.
Solution : http://rhn.redhat.com/errata/RHSA-2004-480.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|