Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: ImageMagick vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu Multiple vulnerabilities were found in the image decoders of ImageMagick. If a user or automated system were tricked into processing a malicious DCM, DIB, XBM, XCF, or XWD image, a remote attacker could execute arbitrary code with user privileges.
Ubuntu Security Notice USN-523-1           October 03, 2007
imagemagick vulnerabilities
CVE-2007-4985, CVE-2007-4986, CVE-2007-4987, CVE-2007-4988

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libmagick9                      6:

Ubuntu 6.10:
  libmagick9                      7:

Ubuntu 7.04:
  libmagick9                      7:

In general, a standard system upgrade is sufficient to affect the
necessary changes.

Details follow:

Multiple vulnerabilities were found in the image decoders of ImageMagick.
If a user or automated system were tricked into processing a malicious
DCM, DIB, XBM, XCF, or XWD image, a remote attacker could execute arbitrary
code with user privileges.

Updated packages for Ubuntu 6.06 LTS:

  Source archives:
      Size/MD5:    42229 8120c33149c2ec1c1f3b59a3882630fd
      Size/MD5:      914 941dd3ec1f2c513843062bc7c769454c
      Size/MD5:  6085147 8d790a280f355489d0cfb6d36ce6751f

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:  1616632 d4deb50c1b1843ebe5ada38c3b56a3a2
      Size/MD5:   249720 bbdbb608c3dde24b5a423bfca415a704
      Size/MD5:   170604 c42f9f23d935cbe5de06b4d9e7facce6
      Size/MD5:  1705106 ee5cfdd6a9fe9f3d3404295a8f39197c
      Size/MD5:  1349578 d70c6512fafb8d10bdfc53084f6f9fd2
      Size/MD5:   172456 73aaae0a55239d0d7a5ce4220490a881

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:  1615386 bade96979da7e0960b3516d8e09459d1
      Size/MD5:   227720 51be8028e21b2c750e8ea413b66a3543
      Size/MD5:   169462 fa5d5893963efd82c52334c555782fa2
      Size/MD5:  1558274 99314fcb246c64ad52dce43b7d66f247
      Size/MD5:  1249796 f033bc31f42bdd6e3122846b600490e3
      Size/MD5:   167824 10d861f2a6bc25de801997490ead6ae9

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:  1620294 5ebba88fe11c95a1309c3e8afabbc999
      Size/MD5:   251980 661548d888e99f8a0842d7d498270fa2
      Size/MD5:   162972 e987bb72d7a5b08bd2cb2d4172536d09
      Size/MD5:  1909248 02be55420fcb300581026237a5523e79
      Size/MD5:  1285474 60c5e4cc95c31d1d9a4a47c1eb2f1c76
      Size/MD5:   166824 d96be3a8faf3087f5e063dff516aec77

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:  1615976 87e20f2a19bb9eae8498d1567d249215
      Size/MD5:   229814 6c9bc836e4539d9e9f67e821c0b2f358
      Size/MD5:   167896 0f19a91b4d3cf2f0cf07c4f307818dfa
      Size/MD5:  1809740 423f679061471f7686164a4f2119fa0e
      Size/MD5:  1345726 be4ec16609353a9b2dced58772823711
      Size/MD5:   169522 f15fc28c9846701bbeb3150cbb63f42c

Updated packages for Ubuntu 6.10:

  Source archives:
      Size/MD5:    94150 c406a03d15a72c8219076b177d733efd
      Size/MD5:      953 2ba54bda9ac1130a7c0026d0c75e1195
      Size/MD5:  5203463 2c5d3723d25c4119cf003efce2161c56

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   743208 6472383510d01ce766bd48c976dd94ca
      Size/MD5:   248166 fd907ef5c6b8b34ff95820c9000cd8be
      Size/MD5:   170656 d19b82c361f2fc0efc650eb06ef1cbb4
      Size/MD5:  1685696 96a0ae5c4efd53b9885aa927c3d88d7b
      Size/MD5:  1331462 2c2ae39783fd161182a37c77fd381983
      Size/MD5:   172676 e8368688e5e0c1dd8c0d0b73429b7eaa

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   742702 8674afb1cd17ed0d0a84b28149ee00cb
      Size/MD5:   227678 0544b89e5040976e7dd2a9dbb137c15f
      Size/MD5:   169778 4b038eb5a37a87c977ea79df858211e2
      Size/MD5:  1592776 ed93c84228f312ebde2d3fcbaae0fc9b
      Size/MD5:  1286692 50807ec57d937f19654c0f82e7f9ccf2
      Size/MD5:   168206 66185c7acdf25b81a8e599aedff286cb

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   746562 0d5e437a042a23985caf9dd6e59d7548
      Size/MD5:   251904 1a9b8931aa3ce8f622076590c185f283
      Size/MD5:   163224 4cbbd2435cd5c59ce2404fe5195c80c2
      Size/MD5:  1921112 d1f8ef2b8304c32795690a387eb93e1a
      Size/MD5:  1297810 d92eb04f586a24b26174b957d6bb16e2
      Size/MD5:   168892 6916929ea46391deaa92b27545a54525

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   742736 e96324230644733315a1ea84b0abdf10
      Size/MD5:   229538 938da3f1037199e94da3862cc6c9bd47
      Size/MD5:   168252 576d312de827f94ea1741b1229d80bdc
      Size/MD5:  1856882 a96a99caf2a1da0da1f795b4b3ea2002
      Size/MD5:  1384388 9ab8aafc61248392aefcc2053c946692
      Size/MD5:   174394 f2e60838cb8482b4bd6734f171299313

Updated packages for Ubuntu 7.04:

  Source archives:
      Size/MD5:    96096 38a3c71f92a8bcefae28e870d7772e15
      Size/MD5:     1119 d40113bf0a051e434d614fca74c37af3
      Size/MD5:  5203463 2c5d3723d25c4119cf003efce2161c56

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   740384 cda2c2e417cc11cbe91bf307460af628
      Size/MD5:   248398 4969f6832002108c4a695b73387172fb
      Size/MD5:   188416 eccb8048a8c954e94eaf08b22c810a7d
      Size/MD5:  1686218 8a3ab9db9b425b1a2be2970dd1fe9641
      Size/MD5:  1342718 b4c8ab3a699e291133fe5238abdbf50a
      Size/MD5:   173488 64528e0e9592f146eadfe5540c59bef1

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   739304 0caa7730df5d710fb876038aed038557
      Size/MD5:   228056 3aa8a19647803bf707d56462c208ab80
      Size/MD5:   192456 57812265e2ad9f663946b419e4bbb9a4
      Size/MD5:  1593102 3729f1ee62a869d776c04a47f79419fc
      Size/MD5:  1298944 3a9dee8633132e4f3dc60eb90df2f60c
      Size/MD5:   169122 a72c856f0cb2d21edb2e72982a079534

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   748292 777ba82a6f15486175f925c6c796e264
      Size/MD5:   252400 b73aa1033131262232149a5c0158dd4f
      Size/MD5:   202016 e2f56ce89c6fba93a5e4de5fbe3cf022
      Size/MD5:  1919668 b680f2c8f557932064238fd60c878f8d
      Size/MD5:  1357236 271e83346ed64b9955646338a54a39f8
      Size/MD5:   172706 35a4bb14850902ced62351e601f1c0ef

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   740302 88a8ead7e434ee0761c403d38479bfc7
      Size/MD5:   229926 8f2dcb658c8d893a99657d4c6fabfcf8
      Size/MD5:   192604 ac085df1fece347cf401bcd3805a65a7
      Size/MD5:  1855566 45c09f03226894dc59e95a7559a48d3f
      Size/MD5:  1395968 5b77017d497dea65fe667f1b5cde3552
      Size/MD5:   175096 fd8e49f508cf99a09a9d7d2f50a3e838

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
FBI Quietly Removes Recommendation To Encrypt Your Phone
And the prize for LEAST SECURE BROWSER goes to ... Chrome!
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.