RedHatRHSA-2004:480(RHSA-2004:480) ImageMagick security update
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.044 Low
EPSS
Percentile
91.5%
ImageMagick™ is an image display and manipulation tool for the X Window
System.
A heap overflow flaw has been discovered in the ImageMagick image handler.
An attacker could create a carefully crafted BMP file in such a way that it
could cause ImageMagick to execute arbitrary code when processing the
image. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2004-0827 to this issue.
Users of ImageMagick should upgrade to this updated package, which contains
a backported patch, and is not vulnerable to this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | ia64 | imagemagick-c++-devel | < 5.5.6-6 | ImageMagick-c++-devel-5.5.6-6.ia64.rpm |
| RedHat | any | ia64 | imagemagick-devel | < 5.5.6-6 | ImageMagick-devel-5.5.6-6.ia64.rpm |
| RedHat | any | ia64 | imagemagick | < 5.5.6-6 | ImageMagick-5.5.6-6.ia64.rpm |
| RedHat | any | ia64 | imagemagick-perl | < 5.5.6-6 | ImageMagick-perl-5.5.6-6.ia64.rpm |
| RedHat | any | ia64 | imagemagick-c++ | < 5.5.6-6 | ImageMagick-c++-5.5.6-6.ia64.rpm |
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.044 Low
EPSS
Percentile
91.5%