Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2008:0165
HistoryApr 16, 2008 - 12:00 a.m.

(RHSA-2008:0165) Moderate: ImageMagick security update

2008-04-1600:00:00
access.redhat.com
10

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.27 Low

EPSS

Percentile

96.3%

JSON

ImageMagick is an image display and manipulation tool for the X Window
System that can read and write multiple image formats.

Several heap-based buffer overflow flaws were found in ImageMagick. If a
victim opened a specially-crafted DCM or XWD file, an attacker could
potentially execute arbitrary code on the victim’s machine. (CVE-2007-1797)

Several denial of service flaws were found in ImageMagick’s parsing of XCF
and DCM files. Attempting to process a specially crafted input file in
these formats could cause ImageMagick to enter an infinite loop.
(CVE-2007-4985)

Several integer overflow flaws were found in ImageMagick. If a victim
opened a specially-crafted DCM, DIB, XBM, XCF or XWD file, an attacker
could potentially execute arbitrary code with the privileges of the user
running ImageMagick. (CVE-2007-4986)

A heap-based buffer overflow flaw was found in ImageMagick’s processing of
certain malformed PCX images. If a victim opened a specially-crafted PCX
file, an attacker could possibly execute arbitrary code with the privileges
of the user running ImageMagick… (CVE-2008-1097)

All users of ImageMagick should upgrade to these updated packages, which
contain backported patches to correct these issues.

OSVersionArchitecturePackageVersionFilename
RedHatanyi386imagemagick-perl<Β 5.3.8-21ImageMagick-perl-5.3.8-21.i386.rpm
RedHatanyia64imagemagick-perl<Β 5.3.8-21ImageMagick-perl-5.3.8-21.ia64.rpm
RedHatanyia64imagemagick<Β 5.3.8-21ImageMagick-5.3.8-21.ia64.rpm
RedHatanyia64imagemagick-c++<Β 5.3.8-21ImageMagick-c++-5.3.8-21.ia64.rpm
RedHatanyi386imagemagick<Β 5.3.8-21ImageMagick-5.3.8-21.i386.rpm
RedHatanyi386imagemagick-c++<Β 5.3.8-21ImageMagick-c++-5.3.8-21.i386.rpm
RedHatanyia64imagemagick-c++-devel<Β 5.3.8-21ImageMagick-c++-devel-5.3.8-21.ia64.rpm
RedHatanyi386imagemagick-c++-devel<Β 5.3.8-21ImageMagick-c++-devel-5.3.8-21.i386.rpm
RedHatanyia64imagemagick-devel<Β 5.3.8-21ImageMagick-devel-5.3.8-21.ia64.rpm
RedHatanyi386imagemagick-devel<Β 5.3.8-21ImageMagick-devel-5.3.8-21.i386.rpm

Related

centos 2
openvas 43
nessus 31
oraclelinux 2
redhat 1
osv 2
debian 2
securityvulns 4
freebsd 1
gentoo 3
ubuntu 2
ubuntucve 4
cve 4
prion 4
debiancve 4
veracode 4
fedora 3
seebug 1
centos
centos
ImageMagick security update
2008-04-18 00:17:42
ImageMagick security update
2008-04-17 15:52:20
openvas
openvas
RedHat Update for ImageMagick RHSA-2008:0165-01
2009-03-06 00:00:00
RedHat Update for ImageMagick RHSA-2008:0165-01
2009-03-06 00:00:00
CentOS Update for ImageMagick CESA-2008:0165-01 centos2 i386
2009-02-27 00:00:00
nessus
nessus
RHEL 2.1 : ImageMagick (RHSA-2008:0165)
2008-04-18 00:00:00
RHEL 3 / 4 / 5 : ImageMagick (RHSA-2008:0145)
2008-04-18 00:00:00
CentOS 3 / 4 / 5 : ImageMagick (CESA-2008:0145)
2008-04-22 00:00:00
oraclelinux
oraclelinux
ImageMagick security update
2008-04-17 00:00:00
ImageMagick security and bug fix update
2012-03-01 00:00:00
redhat
redhat
(RHSA-2008:0145) Moderate: ImageMagick security update
2008-04-16 00:00:00
osv
osv
imagemagick - several vulnerabilities
2009-08-10 00:00:00
graphicsmagick - several
2009-10-07 00:00:00
debian
debian
[SECURITY] [DSA 1858-1] New imagemagick packages fix several vulnerabilities
2009-08-10 17:05:37
[SECURITY] [DSA 1903-1] New graphicsmagick packages fix several vulnerabilities
2009-10-07 19:08:51
securityvulns
securityvulns
ImageMagic multiple security vulnerabilities
2007-09-24 00:00:00
iDefense Security Advisory 09.19.07: Multiple Vendor ImageMagick Multiple Denial of Service Vulnerabilities
2007-09-24 00:00:00
iDefense Security Advisory 09.19.07: Multiple Vendor ImageMagick Multiple Integer Overflow Vulnerabilities
2007-09-24 00:00:00
freebsd
freebsd
ImageMagick -- multiple vulnerabilities
2007-09-19 00:00:00
gentoo
gentoo
ImageMagick: Multiple vulnerabilities
2007-10-24 00:00:00
ImageMagick: Multiple buffer overflows
2007-05-10 00:00:00
GraphicsMagick: Multiple vulnerabilities
2013-11-19 00:00:00
ubuntu
ubuntu
ImageMagick vulnerabilities
2007-10-03 00:00:00
ImageMagick vulnerabilities
2007-07-10 00:00:00
ubuntucve
ubuntucve
CVE-2007-4985
2007-09-24 00:00:00
CVE-2007-4986
2007-09-24 00:00:00
CVE-2008-1097
2008-03-05 00:00:00
cve
cve
CVE-2007-4986
2007-09-24 22:17:00
CVE-2007-4985
2007-09-24 22:17:00
CVE-2008-1097
2008-03-05 20:44:00
prion
prion
Integer overflow
2007-09-24 22:17:00
Cross site request forgery (csrf)
2007-09-24 22:17:00
Heap overflow
2008-03-05 20:44:00
debiancve
debiancve
CVE-2007-4986
2007-09-24 22:17:00
CVE-2007-4985
2007-09-24 22:17:00
CVE-2008-1097
2008-03-05 20:44:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:20:11
Denial Of Service (DoS)
2020-04-10 00:20:11
Arbitrary Code Execution
2020-04-10 00:20:11
fedora
fedora
[SECURITY] Fedora Core 6 Update: ImageMagick-6.2.8.0-4.fc6
2007-04-05 19:49:44
[SECURITY] Fedora Core 5 Update: ImageMagick-6.2.5.4-4.2.1.fc5.8
2007-04-17 12:53:26
[SECURITY] Fedora 7 Update: GraphicsMagick-1.1.8-2.fc7
2007-07-30 17:04:58
seebug
seebug
ImageMagick XCF及PCXζ–‡δ»Άε€„η†ε †ζΊ’ε‡ΊζΌζ΄ž
2008-04-19 00:00:00

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.27 Low

EPSS

Percentile

96.3%

JSON
Related for RHSA-2008:0165
centos2openvas43nessus31oraclelinux2redhat1osv2debian2securityvulns4freebsd1gentoo3ubuntu2ubuntucve4cve4prion4debiancve4veracode4fedora3seebug1