Lucene search
UbuntuUSN-1028-1HistoryDec 07, 2010 - 12:00 a.m.
ImageMagick vulnerability
2010-12-0700:00:00
ubuntu.com
34
8.8 High
AI Score
Confidence
High
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.3%
Releases
- Ubuntu 10.10
- Ubuntu 10.04
- Ubuntu 9.10
- Ubuntu 8.04
Packages
- imagemagick -
Details
It was discovered that ImageMagick would search for configuration files in
the current directory. If a user were tricked into opening or processing an
image in an arbitrary directory, a local attacker could execute arbitrary
code with the user’s privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.10 | noarch | imagemagick | <Â 7:6.5.1.0-1.1ubuntu3.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | imagemagick-dbg | <Â 7:6.5.1.0-1.1ubuntu3.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libmagick++-dev | <Â 7:6.5.1.0-1.1ubuntu3.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libmagick++2 | <Â 7:6.5.1.0-1.1ubuntu3.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libmagickcore-dev | <Â 7:6.5.1.0-1.1ubuntu3.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libmagickcore2 | <Â 7:6.5.1.0-1.1ubuntu3.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libmagickwand-dev | <Â 7:6.5.1.0-1.1ubuntu3.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libmagickwand2 | <Â 7:6.5.1.0-1.1ubuntu3.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | perlmagick | <Â 7:6.5.1.0-1.1ubuntu3.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | imagemagick | <Â 7:6.3.7.9.dfsg1-2ubuntu1.2 | UNKNOWN |
References
Related
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:51:07
openvas
openvas
Fedora Update for ImageMagick FEDORA-2010-19056
2010-12-28 00:00:00
Ubuntu Update for imagemagick vulnerability USN-1028-1
2010-12-23 00:00:00
Fedora Update for ImageMagick FEDORA-2010-19056
2010-12-28 00:00:00
securityvulns
securityvulns
ImageMagic code execution
2010-12-09 00:00:00
[USN-1028-1] ImageMagick vulnerability
2010-12-09 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: ImageMagick-6.6.4.1-15.fc14
2010-12-23 19:56:59
[SECURITY] Fedora 13 Update: ImageMagick-6.5.8.10-7.fc13
2010-12-26 19:55:07
nessus
nessus
Fedora 13 : ImageMagick-6.5.8.10-7.fc13 (2010-19056)
2010-12-27 00:00:00
RHEL 5 : ImageMagick (RHSA-2012:0301)
2012-02-21 00:00:00
ubuntucve
ubuntucve
CVE-2010-4167
2010-11-22 00:00:00
cve
cve
CVE-2010-4167
2010-11-22 20:00:00
redhat
redhat
(RHSA-2012:0301) Low: ImageMagick security and bug fix update
2012-02-21 00:00:00
(RHSA-2012:0544) Moderate: ImageMagick security update
2012-05-07 00:00:00
prion
prion
Design/Logic Flaw
2010-11-22 20:00:00
debiancve
debiancve
CVE-2010-4167
2010-11-22 20:00:00
oraclelinux
oraclelinux
ImageMagick security and bug fix update
2012-03-01 00:00:00
ImageMagick security update
2012-05-07 00:00:00
amazon
amazon
Medium: ImageMagick
2012-05-08 23:14:00
centos
centos
ImageMagick security update
2012-05-07 22:49:25
8.8 High
AI Score
Confidence
High
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.3%
Related for USN-1028-1