Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs

ImageMagick Photoshop Document Parsing Remote Client-Side Buffer Overflow Vulnerability

Solution:
The vendor has released an upgrade dealing with this issue.

TurboLinux has released advisory TLSA-2005-47 along with fixes dealing with this issue. Please see the referenced advisory for more information.

SGI has released an advisory 20050304-01-U including updated SGI ProPack 3 Service Pack 4 packages to address this issue. Please see the referenced advisory for more information.

Ubuntu Linux has made advisory USN-62-1 along with fixes available dealing with this issue. Please see the referenced advisory for more information.

Debian has released a security advisory (DSA 646-1) and fixes to address this vulnerability. Customers are advised to see the referenced advisory for further details regarding obtaining and applying appropriate updates.

Gentoo has released an advisory (GLSA 200501-26) and fixes for their ImageMagick packages. To upgrade to the fixed version, execute the following commands:

emerge --sync
emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.1.8.8"

Please see the referenced Gentoo advisory for more information.

Gentoo has released advisory GLSA 200501-37 dealing with this issue for their GraphicsMagick packages. Gentoo recommends that all GraphicsMagick users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/graphicsmagick-1.1.5"

Please see the referenced Gentoo advisory for more information.

SuSE Linux has released a security summary report (SUSE-SR:2005:003) that contains fixes to address this and other vulnerabilities. Customers are advised to peruse the referenced advisory for further information regarding obtaining and applying appropriate updates.

Ubuntu has released advisory USN-90-1 to address this issue. Please see the referenced advisory for more information.

Gentoo linux has released an advisory (GLSA 200503-11) dealing with this issue. Gentoo advises that all ImageMagick users should upgrade to the latest version by issuing the following commands with superuser privileges:

emerge --sync
emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.2.0.4"

For more information please see the referenced Gentoo linux advisory.

Red Hat has released advisory RHSA-2005:320-10 and fixes to address this issue on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.

SuSE Linux has released an advisory (SUSE-SA:2005:017) dealing with this and other issues. Please see the referenced advisory for more information.

RedHat has released advisories FEDORA-2005-234 and FEDORA-2005-235 dealing with this issue in their Core 2 and Core 3 packages respectively. Please see the referenced advisory for more information.

MandrakeSoft has released advisory MDKSA-2005:065 to address this issue. Please see the referenced advisory for more information.

RedHat Fedora Legacy has released security advisory FLSA:152777 addressing this issue for RedHat Linux 7.3 and 9.0, and for Fedora Core 1 and 2. Please see the referenced advisory for further information.


RedHat Fedora Core2

RedHat Fedora Core1

GraphicsMagick GraphicsMagick 1.0

GraphicsMagick GraphicsMagick 1.0.6

GraphicsMagick GraphicsMagick 1.1

GraphicsMagick GraphicsMagick 1.1.3

GraphicsMagick GraphicsMagick 1.1.4

ImageMagick ImageMagick 5.3.3

ImageMagick ImageMagick 5.4.3

ImageMagick ImageMagick 5.4.7

ImageMagick ImageMagick 6.0

ImageMagick ImageMagick 6.0.1

ImageMagick ImageMagick 6.0.2

ImageMagick ImageMagick 6.0.2 .5

ImageMagick ImageMagick 6.0.3

ImageMagick ImageMagick 6.0.4

ImageMagick ImageMagick 6.0.5

ImageMagick ImageMagick 6.0.6

ImageMagick ImageMagick 6.0.7

ImageMagick ImageMagick 6.0.8

ImageMagick ImageMagick 6.1

ImageMagick ImageMagick 6.1.1

ImageMagick ImageMagick 6.1.2

ImageMagick ImageMagick 6.1.3

ImageMagick ImageMagick 6.1.4

ImageMagick ImageMagick 6.1.5

ImageMagick ImageMagick 6.1.6

ImageMagick ImageMagick 6.1.7

RedHat Linux 7.3 i386

RedHat Linux 7.3 i686

RedHat Linux 7.3

RedHat Linux 9.0 i386




 

Privacy Statement
Copyright 2008, SecurityFocus