(RHSA-2005:320) ImageMagick security update

ID RHSA-2005:320
Type redhat
Reporter RedHat
Modified 2017-09-08T12:19:53


ImageMagick(TM) is an image display and manipulation tool for the X Window System which can read and write multiple image formats.

A format string bug was found in the way ImageMagick handles filenames. An attacker could execute arbitrary code on a victim's machine if they were able to trick the victim into opening a file with a specially crafted name. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0397 to this issue.

Additionally, a bug was fixed which caused ImageMagick(TM) to occasionally segfault when writing TIFF images to standard output.

Users of ImageMagick should upgrade to these updated packages, which contain a backported patch, and are not vulnerable to these issues.