Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-646-1:70C16
HistoryJan 19, 2005 - 10:27 a.m.

[SECURITY] [DSA 646-1] New ImageMagick packages fix arbitrary code execution

2005-01-1910:27:12
lists.debian.org
7

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Debian Security Advisory DSA 646-1 [email protected]
http://www.debian.org/security/ Martin Schulze
January 19th, 2005 http://www.debian.org/security/faq

Package : imagemagick
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-0005

Andrei Nigmatulin discovered a buffer overflow in the PSD
image-decoding module of ImageMagick, a commonly used image
manipulation library. Remote exploition with a carefully crafted
image could lead to the execution of arbitrary code.

For the stable distribution (woody) this problem has been fixed in
version 5.4.4.5-1woody5.

For the unstable distribution (sid) this problem has been fixed in
version 6.0.6.2-2.

We recommend that you upgrade your imagemagick packages.

Upgrade Instructions

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5.dsc
  Size/MD5 checksum:      852 7ca6886f64037e980060508a770bd777
http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5.diff.gz
  Size/MD5 checksum:    15619 4b8192231c8975e0f83bab0bdee0f25a
http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5.orig.tar.gz
  Size/MD5 checksum:  3901237 f35e356b4ac1ebc58e3cffa7ea7abc07

Alpha architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_alpha.deb
  Size/MD5 checksum:  1309882 ddc9e1e57e1733ba68898c4d78d11ff2
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_alpha.deb
  Size/MD5 checksum:   154212 c0cb6e3b81807a9ea8b6fcf1b3d3403e
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_alpha.deb
  Size/MD5 checksum:    56326 883322541fe624e48bd4d2f579090d27
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_alpha.deb
  Size/MD5 checksum:   833384 4a6b6198ca41453dd989e65f68d7d3be
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_alpha.deb
  Size/MD5 checksum:    67370 a7487a31ee8afcf6e8dbc942d9eb7226
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_alpha.deb
  Size/MD5 checksum:   113864 815d027cfec793000bb6eafd54b6c6d4

ARM architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_arm.deb
  Size/MD5 checksum:  1297154 08cf4503548d7b4f594b19dbbbc9b620
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_arm.deb
  Size/MD5 checksum:   118778 7ea1c8496ba2f9b10e173136d7646b19
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_arm.deb
  Size/MD5 checksum:    56372 5b58a6cfa9f0585b7dbcb2a6a079f5bb
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_arm.deb
  Size/MD5 checksum:   898716 4cbae243299cab78d9c7189d57b5f5e5
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_arm.deb
  Size/MD5 checksum:    67398 9f7051f05c9f6339f29c814e6800c5a8
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_arm.deb
  Size/MD5 checksum:   109992 feded00d7fa37064e447fd140a06b861

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_i386.deb
  Size/MD5 checksum:  1295194 4c860486ff0284c0f3a02e6db73d2729
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_i386.deb
  Size/MD5 checksum:   122838 1fa97dc730589c4d2405cfb1daf65d58
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_i386.deb
  Size/MD5 checksum:    56348 f6f1831bc53050fed4be4a779f617d85
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_i386.deb
  Size/MD5 checksum:   772594 bc095d6fc212c57e76682d2e908e645f
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_i386.deb
  Size/MD5 checksum:    67380 77bbc19b74af8f4ec6a423ca2cb8519f
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_i386.deb
  Size/MD5 checksum:   106994 893011a405b1e248c75f9c2e2e43cdf6

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_ia64.deb
  Size/MD5 checksum:  1336218 0da64c0ceb2ae9c2841ce4686c81ebbf
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_ia64.deb
  Size/MD5 checksum:   137108 a2353ec66b50f90e3738aedde81e5093
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_ia64.deb
  Size/MD5 checksum:    56312 044edaa6a7185e0e26a98a90748f1a7b
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_ia64.deb
  Size/MD5 checksum:  1360062 471ec0c40753bb7eac7e45385b0c96f0
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_ia64.deb
  Size/MD5 checksum:    67354 17efc0247ef95e3c38d170ed2f61a743
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_ia64.deb
  Size/MD5 checksum:   132964 bacf380322370e7ced619ca4c76388f0

HP Precision architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_hppa.deb
  Size/MD5 checksum:  1297430 d70abbbe6d475d60fc2a34e2778c12f2
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_hppa.deb
  Size/MD5 checksum:   132930 fedc55e4a005b28e00b54c993887e209
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_hppa.deb
  Size/MD5 checksum:    56362 8ec84f2f0a57a4c7f4289a652a4528ba
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_hppa.deb
  Size/MD5 checksum:   859932 43a200eb3b9a70b8de1227e99820fb01
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_hppa.deb
  Size/MD5 checksum:    67394 b1d4e146818947a44af16f15a1451a18
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_hppa.deb
  Size/MD5 checksum:   117242 fc089bd83662c0fcc49cc0b569bb1c30

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_m68k.deb
  Size/MD5 checksum:  1292622 a87e2eb868de28f78bf59d001468aedb
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_m68k.deb
  Size/MD5 checksum:   134082 9ea7de99c48a5dc768fa8224aa0238d5
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_m68k.deb
  Size/MD5 checksum:    56392 c2059fc2455faa9c1d0a2f6f95fe5ba7
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_m68k.deb
  Size/MD5 checksum:   751912 e80a1f4e2544d275fda1551b57d0246a
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_m68k.deb
  Size/MD5 checksum:    67420 db7a3156415f665889b025a154e2e9f5
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_m68k.deb
  Size/MD5 checksum:   107482 54a1926ff755f825afa4b89efbadfd76

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_mips.deb
  Size/MD5 checksum:  1294936 67ca29a49ab0c8e515e4810ece9ab409
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_mips.deb
  Size/MD5 checksum:   120352 99578089369ea2a003d0a56aec6d34b2
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_mips.deb
  Size/MD5 checksum:    56362 98ecbc125c9451d9e885bb325997a73b
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_mips.deb
  Size/MD5 checksum:   733120 641218d8281d38b3b55fb6d787e68760
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_mips.deb
  Size/MD5 checksum:    67404 3d0714b089cd5de5e4471aaf760a831e
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_mips.deb
  Size/MD5 checksum:   103404 1517f93c042c60907d9bcc98ab7a70c8

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_mipsel.deb
  Size/MD5 checksum:  1294920 a4ecbf6a8abbd0e18e0b3c2d896e2dcc
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_mipsel.deb
  Size/MD5 checksum:   113950 5cfad22c7d0beec13255e148ca11783d
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_mipsel.deb
  Size/MD5 checksum:    56390 599616ef7a5869f65f65d4e1a493160c
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_mipsel.deb
  Size/MD5 checksum:   721098 084defe73c73603e61b69419e1374f8e
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_mipsel.deb
  Size/MD5 checksum:    67414 1e8aa5e91cf61883a0c046f2d734c12c
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_mipsel.deb
  Size/MD5 checksum:   102940 78c33b91bf9214e4caaa39eaf0679df7

PowerPC architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_powerpc.deb
  Size/MD5 checksum:  1291544 7b362ea5200d9f6e9d2721cd94f2c0d0
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_powerpc.deb
  Size/MD5 checksum:   135970 01a05f7cd212b3fa7ed76c0a0525c7b3
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_powerpc.deb
  Size/MD5 checksum:    56354 07ec4a9182761c19fd19090d0fdcaa04
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_powerpc.deb
  Size/MD5 checksum:   786292 5415dfec8fbed3256fd306a727408d15
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_powerpc.deb
  Size/MD5 checksum:    67400 644db38acce431e9b42baf87691232d7
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_powerpc.deb
  Size/MD5 checksum:   111994 9723784a9a5d0da539449356f2437dbb

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_s390.deb
  Size/MD5 checksum:  1292246 2f71ab873e1756bd046a2321835a94b4
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_s390.deb
  Size/MD5 checksum:   132088 7d757d128832809a4d151013bb5cd488
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_s390.deb
  Size/MD5 checksum:    56364 375a050c6067239cdc4bbf6effca8132
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_s390.deb
  Size/MD5 checksum:   778100 e5185091f6cd9e27d71580fb38fc8690
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_s390.deb
  Size/MD5 checksum:    67390 26dc5601e55ead50a24df92aa115e44e
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_s390.deb
  Size/MD5 checksum:   109050 4c65dcbf5625457c3fe1aa91f6664045

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_sparc.deb
  Size/MD5 checksum:  1295258 21cd0e05b94c92089329dd5668835e0d
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_sparc.deb
  Size/MD5 checksum:   123926 2555c9f3c2b04fb3158ba1013b66f2f2
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_sparc.deb
  Size/MD5 checksum:    56360 0d0cbbb1bd4c1ba9ab5a843097f5d194
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_sparc.deb
  Size/MD5 checksum:   802740 5636ffd8e41544e1495668221c448cdf
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_sparc.deb
  Size/MD5 checksum:    67386 165565fb0f4519388893f2f8548b0535
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_sparc.deb
  Size/MD5 checksum:   112954 c7a6faee63c2c8b59a30585245e4c2a1

These files will probably be moved into the stable distribution on
its next update.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/&lt;pkg&gt;

OSVersionArchitecturePackageVersionFilename
Debian3powerpclibmagick++5< 5.4.4.5-1woody5libmagick++5_5.4.4.5-1woody5_powerpc.deb
Debian3ia64libmagick5< 5.4.4.5-1woody5libmagick5_5.4.4.5-1woody5_ia64.deb
Debian3hppaimagemagick< 5.4.4.5-1woody5imagemagick_5.4.4.5-1woody5_hppa.deb
Debian3armlibmagick++5< 5.4.4.5-1woody5libmagick++5_5.4.4.5-1woody5_arm.deb
Debian3armperlmagick< 5.4.4.5-1woody5perlmagick_5.4.4.5-1woody5_arm.deb
Debian3sparcperlmagick< 5.4.4.5-1woody5perlmagick_5.4.4.5-1woody5_sparc.deb
Debian3m68kimagemagick< 5.4.4.5-1woody5imagemagick_5.4.4.5-1woody5_m68k.deb
Debian3alphaimagemagick< 5.4.4.5-1woody5imagemagick_5.4.4.5-1woody5_alpha.deb
Debian3mipsellibmagick++5-dev< 5.4.4.5-1woody5libmagick++5-dev_5.4.4.5-1woody5_mipsel.deb
Debian3m68kperlmagick< 5.4.4.5-1woody5perlmagick_5.4.4.5-1woody5_m68k.deb
Rows per page:
1-10 of 671

Related

openvas 9
nessus 10
debiancve 1
ubuntucve 1
debian 1
ubuntu 1
gentoo 2
freebsd 1
redhat 2
osv 1
cve 1
securityvulns 1
openvas
openvas
Gentoo Security Advisory GLSA 200501-37 (GraphicsMagick)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-646-1)
2008-01-17 00:00:00
Ubuntu: Security Advisory (USN-62-1)
2022-08-26 00:00:00
nessus
nessus
RHEL 4 : ImageMagick (RHSA-2005:071)
2005-02-22 00:00:00
FreeBSD : ImageMagick -- PSD handler heap overflow vulnerability (597e2bee-68ea-11d9-a9e7-0001020eed82)
2005-07-13 00:00:00
GLSA-200501-37 : GraphicsMagick: PSD decoding heap overflow
2005-02-14 00:00:00
debiancve
debiancve
CVE-2005-0005
2005-05-02 04:00:00
ubuntucve
ubuntucve
CVE-2005-0005
2005-05-02 00:00:00
debian
debian
[SECURITY] [DSA 646-1] New ImageMagick packages fix arbitrary code execution
2005-01-19 00:00:00
ubuntu
ubuntu
imagemagick vulnerability
2005-01-19 00:00:00
gentoo
gentoo
GraphicsMagick: PSD decoding heap overflow
2005-01-26 00:00:00
ImageMagick: PSD decoding heap overflow
2005-01-20 00:00:00
freebsd
freebsd
ImageMagick -- PSD handler heap overflow vulnerability
2004-12-21 00:00:00
redhat
redhat
(RHSA-2005:071) ImageMagick security update
2005-02-15 00:00:00
(RHSA-2005:070) ImageMagick security update
2005-03-23 00:00:00
osv
osv
imagemagick - buffer overflow
2005-01-19 00:00:00
cve
cve
CVE-2005-0005
2005-05-02 04:00:00
securityvulns
securityvulns
[Full-Disclosure] iDEFENSE Security Advisory 01.17.05: Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability
2005-01-18 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for DEBIAN:DSA-646-1:70C16
openvas9nessus10debiancve1ubuntucve1debian1ubuntu1gentoo2freebsd1redhat2osv1cve1securityvulns1