9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.463 Medium
EPSS
Percentile
96.9%
Several remote vulnerabilities have been discovered in Imagemagick,
a collection of image manipulation programs, which may lead to the
execution of arbitrary code. The Common Vulnerabilities and Exposures
project identifies the following problems:
This update also addresses regressions in the XCF codec, which were
introduced in the previous security update.
For the stable distribution (sarge) these problems have been fixed in
version 6:6.0.6.2-2.8.
For the upcoming stable distribution (etch) these problems have been
fixed in version 7:6.2.4.5.dfsg1-0.11.
For the unstable distribution (sid) these problems have been fixed in
version 7:6.2.4.5.dfsg1-0.11.
We recommend that you upgrade your imagemagick packages.
CPE | Name | Operator | Version |
---|---|---|---|
imagemagick | eq | 6:6.0.6.2-2.4 | |
imagemagick | eq | 6:6.0.6.2-2.5 | |
imagemagick | eq | 6:6.0.6.2-2.6 | |
imagemagick | eq | 6:6.0.6.2-2.7 |