Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: ImageMagick vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu Multiple vulnerabilities were found in ImageMagick's handling of DCM and WXD image files. By tricking a user into processing a specially crafted image with an application that uses imagemagick, an attacker could execute arbitrary code with the user's privileges.
Ubuntu Security Notice USN-481-1              July 10, 2007
imagemagick vulnerabilities
CVE-2007-1667, CVE-2007-1797

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libmagick9                               6:

Ubuntu 6.10:
  libmagick9                               7:

Ubuntu 7.04:
  libmagick9                               7:

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Multiple vulnerabilities were found in ImageMagick's handling of DCM and
WXD image files.  By tricking a user into processing a specially crafted
image with an application that uses imagemagick, an attacker could
execute arbitrary code with the user's privileges.

Updated packages for Ubuntu 6.06 LTS:

  Source archives:
      Size/MD5:    39268 d58d313987a066dd86df9b74d3d381e8
      Size/MD5:      914 5c539bc0d8e2cc52fe855d5f9b5e63ac
      Size/MD5:  6085147 8d790a280f355489d0cfb6d36ce6751f

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)
      Size/MD5:  1616218 929e8078d8bba1f03eb3734a86d12237
      Size/MD5:   249430 e39f04adfb6fc9ed8c480066134edf85
      Size/MD5:   170242 cca72534252d50115e312e3d1ad6b8d1
      Size/MD5:  1704122 0337592e131f9e3850f53656fb2262fe
      Size/MD5:  1349102 289ff8bddf146faad3c60d06bb6e1d2c
      Size/MD5:   172082 2b64b93869789fa438c542292f68f393

  i386 architecture (x86 compatible Intel/AMD)
      Size/MD5:  1614958 98f7bcdd3151c5596f5e69c186e59586
      Size/MD5:   227330 3bb64f5491f07cfa5569d4bb6206d878
      Size/MD5:   168798 2c0d2f0cfdeff9318df323ae524c1819
      Size/MD5:  1557540 fe90a0e2e16e0e15398022d9cd334673
      Size/MD5:  1249124 724d4eee4af75a03a5085ca37ea7cb2e
      Size/MD5:   167466 7006c9f4de34bf647f569003fef86ca2

  powerpc architecture (Apple Macintosh G3/G4/G5)
      Size/MD5:  1619914 6c7133fd5890e8f722799464f68eee20
      Size/MD5:   251614 faa5eef311a9382696c4e94c06c62cd9
      Size/MD5:   162608 ed08b43e6f3ce095d1581370f6c10f3c
      Size/MD5:  1908620 48d307b2b8631b4a669be1322e5607bc
      Size/MD5:  1285056 2108f1a2044f78f4d180d7070807f256
      Size/MD5:   166472 f566c136b1ef95629e794a406d21b29c

  sparc architecture (Sun SPARC/UltraSPARC)
      Size/MD5:  1615972 ef034a5a75bd5a0a44d20bca9d0d962c
      Size/MD5:   229448 9302d5b800651254aefac294b4fba8a6
      Size/MD5:   167490 8c1259985a276f9d86b0e5ff5b46a6f8
      Size/MD5:  1809180 57823f107f4e713000ee1ab528805649
      Size/MD5:  1345326 69e88733176575bc82cebae8e41cdf13
      Size/MD5:   169178 b9a4b752ea434aa31f58b5a5ea997bb4

Updated packages for Ubuntu 6.10:

  Source archives:
      Size/MD5:    90910 68231bacd7a5ae7403c410b26b97cd5d
      Size/MD5:      953 8bc479de9c7cf4477feed5757e395649
      Size/MD5:  5203463 2c5d3723d25c4119cf003efce2161c56

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)
      Size/MD5:   742874 ba93dd4b28a65d5553395fc071069a48
      Size/MD5:   247822 4ce7e0b0a80817bf2a0b07ee6ee7106f
      Size/MD5:   170290 2cf91dcc2291a48132c79ede01c2a821
      Size/MD5:  1684874 7b79405bed4c5b119c773cd05f2ad437
      Size/MD5:  1331060 434269bee34224e27b985397c4f2b127
      Size/MD5:   172320 8407dcbf05d46267ad3db6f569ad12d3

  i386 architecture (x86 compatible Intel/AMD)
      Size/MD5:   742350 3de4b95e2c34286aed4dabea43a66f37
      Size/MD5:   227370 27f1140db9c32cfdb9826702979d1bf2
      Size/MD5:   169206 2df7b39d6703f5be49b4750f5c9d0642
      Size/MD5:  1592362 a2472a4bc137b54f890456c722f4bbe4
      Size/MD5:  1286408 993c92fde74d2c49c1b27cf6cf7b4138
      Size/MD5:   167864 03de16b72602ca86639f129b68ed2010

  powerpc architecture (Apple Macintosh G3/G4/G5)
      Size/MD5:   746384 4c9052fab557b9fb5043c3f61fda12e6
      Size/MD5:   251640 fe50cdb17ecdb95a3030ebe770610394
      Size/MD5:   162824 9f5552448f54a0b11343fe5a68a0b297
      Size/MD5:  1920416 1fa8980dcd30479361f48d04668e1c6f
      Size/MD5:  1297270 ae9c2d7231176a9515fa5e0d308bba04
      Size/MD5:   168534 c6708a1db384e0029b820515970ebd01

  sparc architecture (Sun SPARC/UltraSPARC)
      Size/MD5:   742356 2f9012b1a65e7b3fcfe2e0d3ae231808
      Size/MD5:   229220 d977c5fcfe31f6291d90c08f4b8ed086
      Size/MD5:   167862 247d9134a39c1338d2e3a0cfb5b1d70b
      Size/MD5:  1856368 9624df4328326451a8364a54908fb4aa
      Size/MD5:  1384114 3b73571c431cb0a881e48f02f6e101af
      Size/MD5:   174052 1b3a93163afe20f5af6479814b99fdce

Updated packages for Ubuntu 7.04:

  Source archives:
      Size/MD5:    92877 726d9ec77f113467bd12cfd556dfb8ed
      Size/MD5:     1119 6c3001a574f419da593c64503dc9dd83
      Size/MD5:  5203463 2c5d3723d25c4119cf003efce2161c56

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)
      Size/MD5:   740084 9ca3843dda7671083ec3d4bf5c4cca25
      Size/MD5:   248162 799228a0036b584376c505e3a9e37a98
      Size/MD5:   188124 a73c7b23186f8e7b3c51c43cd06a1893
      Size/MD5:  1685500 9227ea6a244f6abd8aaff4f8396a13c4
      Size/MD5:  1342200 05a7170dd3aa1ee9d033638bdb30a974
      Size/MD5:   173146 61a714fc8b6ed3e35cc276802c48a2a9

  i386 architecture (x86 compatible Intel/AMD)
      Size/MD5:   738958 ce4ea61a6c2020fd872e30c9053095d1
      Size/MD5:   227728 b5575f4f450f33dc3505ab83da1a1c89
      Size/MD5:   192160 8eb13fcf1e30e454f22680fcdd797d79
      Size/MD5:  1592142 64055813edba778b47c090fea4a08510
      Size/MD5:  1298348 59c70ba63832a7e113aa75ae91c83e96
      Size/MD5:   168772 ba626726f77801bbaaad34ea0da33af2

  powerpc architecture (Apple Macintosh G3/G4/G5)
      Size/MD5:   749606 19927653bda821a3e53e1b14533a154f
      Size/MD5:   251980 2bd0927abe6037eb44a5c50c2b84a89d
      Size/MD5:   201626 9571ff5ebb5fb9278220b3fc1d490e44
      Size/MD5:  1919402 5c1631f5041ea5fc1afe4ee3c31a694d
      Size/MD5:  1356302 d877997e9a359e8d4a8369a8f2dc0c65
      Size/MD5:   172354 f1b12a9ae07afa9463e81ea61c483259

  sparc architecture (Sun SPARC/UltraSPARC)
      Size/MD5:   740004 ade74dbedd5735024319615f795ea685
      Size/MD5:   229548 e73c1da68756893ae985580b83798a0c
      Size/MD5:   192338 2d8893d93abd4f436dd9725ecab583d6
      Size/MD5:  1855028 2aadfd4c48c26ca5f2adb8a263fcd391
      Size/MD5:  1395850 2b019d49426477dfefac43271f64fa7f
      Size/MD5:   174738 8d8e5a5fbc178404ad9b5838cbb28054

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
FBI Quietly Removes Recommendation To Encrypt Your Phone
And the prize for LEAST SECURE BROWSER goes to ... Chrome!
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.