Vulnerabilities > CVE-2007-1797 - Numeric Errors vulnerability in Imagemagick
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_IMAGEMAGICK-3737.NASL description This update of ImageMagick fixes a bug in the patch for the last security update for CVE-2007-1797. last seen 2020-06-01 modified 2020-06-02 plugin id 29352 published 2007-12-13 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29352 title SuSE 10 Security Update : ImageMagick (ZYPP Patch Number 3737) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(29352); script_version ("1.13"); script_cvs_date("Date: 2019/10/25 13:36:29"); script_cve_id("CVE-2007-1797"); script_name(english:"SuSE 10 Security Update : ImageMagick (ZYPP Patch Number 3737)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update of ImageMagick fixes a bug in the patch for the last security update for CVE-2007-1797." ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2007-1797.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 3737."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2007/06/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:1, reference:"ImageMagick-6.2.5-16.23")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"ImageMagick-Magick++-6.2.5-16.23")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"ImageMagick-devel-6.2.5-16.23")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"perl-PerlMagick-6.2.5-16.23")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else exit(0, "The host is not affected.");NASL family SuSE Local Security Checks NASL id SUSE_IMAGEMAGICK-3743.NASL description This update of ImageMagick fixes a bug in the patch for the last security update for CVE-2007-1797. last seen 2020-06-01 modified 2020-06-02 plugin id 27110 published 2007-10-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27110 title openSUSE 10 Security Update : ImageMagick (ImageMagick-3743) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update ImageMagick-3743. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(27110); script_version ("1.13"); script_cvs_date("Date: 2019/10/25 13:36:29"); script_cve_id("CVE-2007-1797"); script_name(english:"openSUSE 10 Security Update : ImageMagick (ImageMagick-3743)"); script_summary(english:"Check for the ImageMagick-3743 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of ImageMagick fixes a bug in the patch for the last security update for CVE-2007-1797." ); script_set_attribute( attribute:"solution", value:"Update the affected ImageMagick packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ImageMagick"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ImageMagick-Magick++"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ImageMagick-Magick++-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ImageMagick-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-PerlMagick"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1"); script_set_attribute(attribute:"patch_publication_date", value:"2007/06/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE10\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE10.1", reference:"ImageMagick-6.2.5-16.23") ) flag++; if ( rpm_check(release:"SUSE10.1", reference:"ImageMagick-Magick++-6.2.5-16.23") ) flag++; if ( rpm_check(release:"SUSE10.1", reference:"ImageMagick-Magick++-devel-6.2.5-16.23") ) flag++; if ( rpm_check(release:"SUSE10.1", reference:"ImageMagick-devel-6.2.5-16.23") ) flag++; if ( rpm_check(release:"SUSE10.1", reference:"perl-PerlMagick-6.2.5-16.23") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ImageMagick"); }NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2008-0145.NASL description Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux versions 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim last seen 2020-06-01 modified 2020-06-02 plugin id 31995 published 2008-04-22 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31995 title CentOS 3 / 4 / 5 : ImageMagick (CESA-2008:0145) NASL family Fedora Local Security Checks NASL id FEDORA_2007-1340.NASL description Maintainance update fixing several security issues and bugs. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 27710 published 2007-11-06 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/27710 title Fedora 7 : GraphicsMagick-1.1.8-2.fc7 (2007-1340) NASL family SuSE Local Security Checks NASL id SUSE_IMAGEMAGICK-3448.NASL description This update of ImageMagick fixes a bug in the patch for the last security update for CVE-2007-1797. last seen 2020-06-01 modified 2020-06-02 plugin id 27109 published 2007-10-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27109 title openSUSE 10 Security Update : ImageMagick (ImageMagick-3448) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1903.NASL description Several vulnerabilities have been discovered in graphicsmagick, a collection of image processing tool, which can lead to the execution of arbitrary code, exposure of sensitive information or cause DoS. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1667 Multiple integer overflows in XInitImage function in xwd.c for GraphicsMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-1797 Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted DCM image, or the colors or comments field in a crafted XWD image. It only affects the oldstable distribution (etch). - CVE-2007-4985 A crafted image file can trigger an infinite loop in the ReadDCMImage function or in the ReadXCFImage function. It only affects the oldstable distribution (etch). - CVE-2007-4986 Multiple integer overflows allow context-dependent attackers to execute arbitrary code via a crafted .dcm, .dib, .xbm, .xcf, or .xwd image file, which triggers a heap-based buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-4988 A sign extension error allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow. It affects only the oldstable distribution (etch). - CVE-2008-1096 The load_tile function in the XCF coder allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write. It affects only oldstable (etch). - CVE-2008-3134 Multiple vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via vectors in the AVI, AVS, DCM, EPT, FITS, MTV, PALM, RLA, and TGA decoder readers; and the GetImageCharacteristics function in magick/image.c, as reachable from a crafted PNG, JPEG, BMP, or TIFF file. - CVE-2008-6070 Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image. - CVE-2008-6071 Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. - CVE-2008-6072 Multiple vulnerabilities in GraphicsMagick allow remote attackers to cause a denial of service (crash) via vectors in XCF and CINEON images. - CVE-2008-6621 Vulnerability in GraphicsMagick allows remote attackers to cause a denial of service (crash) via vectors in DPX images. - CVE-2009-1882 Integer overflow allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. last seen 2020-06-01 modified 2020-06-02 plugin id 44768 published 2010-02-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44768 title Debian DSA-1903-1 : graphicsmagick - several vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2007-414.NASL description - Thu Apr 5 2007 Norm Murray <nmurray at redhat.com> 6.2.5.4-4.2.1.fc5.8 - more overflows (#235075, CVE-2007-1797) - Fri Sep 22 2006 Norm Murray <nmurray at redhat.com> 6.2.5.4-4.2.1.fc5.7 - more overflows (#210921 CVE-2006-5456) - Fri Sep 22 2006 Norm Murray <nmurray at redhat.com> 6.2.5.4-4.2.1.fc5.6 - fix ImageMagick-perl building (#203975) - Thu Sep 7 2006 Norm Murray <nmurray at redhat.com> - 6.2.5.4-4.2.1.fc5.5 - rebuilding - Wed Aug 23 2006 Matthias Clasen <mclasen at redhat.com> - 6.2.5.4-4.2.1.fc5.4 - fix several integer and buffer overflows (#202193, CVE-2006-3743) - fix more integer overflows (#202771, CVE-2006-4144) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 25045 published 2007-04-19 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/25045 title Fedora Core 5 : ImageMagick-6.2.5.4-4.2.1.fc5.8 (2007-414) NASL family SuSE Local Security Checks NASL id SUSE_IMAGEMAGICK-3131.NASL description This update of ImageMagick fixes three integer overflow in DCM and XWD code. These bugs can be exploited remotely via other application. (CVE-2007-1667 / CVE-2007-1797) last seen 2020-06-01 modified 2020-06-02 plugin id 29351 published 2007-12-13 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29351 title SuSE 10 Security Update : ImageMagick (ZYPP Patch Number 3131) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200705-13.NASL description The remote host is affected by the vulnerability described in GLSA-200705-13 (ImageMagick: Multiple buffer overflows) iDefense Labs has discovered multiple integer overflows in ImageMagick in the functions ReadDCMImage() and ReadXWDImage(), that are used to process DCM and XWD files. Impact : An attacker could entice a user to open specially crafted XWD or DCM file, resulting in heap-based buffer overflows and possibly the execution of arbitrary code with the privileges of the user running ImageMagick. Note that this user may be httpd or any other account used by applications relying on the ImageMagick tools to automatically process images. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 25209 published 2007-05-11 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/25209 title GLSA-200705-13 : ImageMagick: Multiple buffer overflows NASL family SuSE Local Security Checks NASL id SUSE_IMAGEMAGICK-3130.NASL description This update of ImageMagick fixes three integer overflow in DCM and XWD code. These bugs can be exploited remotely via other application. (CVE-2007-1667,CVE-2007-1797) last seen 2020-06-01 modified 2020-06-02 plugin id 27108 published 2007-10-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27108 title openSUSE 10 Security Update : ImageMagick (ImageMagick-3130) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0165.NASL description Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux version 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim last seen 2020-06-01 modified 2020-06-02 plugin id 31985 published 2008-04-18 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31985 title RHEL 2.1 : ImageMagick (RHSA-2008:0165) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2008-0145.NASL description From Red Hat Security Advisory 2008:0145 : Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux versions 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim last seen 2020-06-01 modified 2020-06-02 plugin id 67656 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67656 title Oracle Linux 3 / 4 / 5 : ImageMagick (ELSA-2008-0145) NASL family Fedora Local Security Checks NASL id FEDORA_2007-413.NASL description - Thu Apr 5 2007 Norm Murray <nmurray at redhat.com> - 6.2.8.0-4.fc6 - fix more overflows (#235075, CVE-2007-1797) - fix icon conversions (#206873) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 25003 published 2007-04-06 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/25003 title Fedora Core 6 : ImageMagick-6.2.8.0-4.fc6 (2007-413) NASL family Scientific Linux Local Security Checks NASL id SL_20080416_IMAGEMAGICK_ON_SL3_X.NASL description Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim last seen 2020-06-01 modified 2020-06-02 plugin id 60382 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60382 title Scientific Linux Security Update : ImageMagick on SL3.x, SL4.x, SL5.x i386/x86_64 NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-481-1.NASL description Multiple vulnerabilities were found in ImageMagick last seen 2020-06-01 modified 2020-06-02 plugin id 28082 published 2007-11-10 reporter Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/28082 title Ubuntu 6.06 LTS / 6.10 / 7.04 : imagemagick vulnerabilities (USN-481-1) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1858.NASL description Several vulnerabilities have been discovered in the imagemagick image manipulation programs which can lead to the execution of arbitrary code, exposure of sensitive information or cause DoS. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1667 Multiple integer overflows in XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-1797 Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted DCM image, or the colors or comments field in a crafted XWD image. It only affects the oldstable distribution (etch). - CVE-2007-4985 A crafted image file can trigger an infinite loop in the ReadDCMImage function or in the ReadXCFImage function. It only affects the oldstable distribution (etch). - CVE-2007-4986 Multiple integer overflows allow context-dependent attackers to execute arbitrary code via a crafted .dcm, .dib, .xbm, .xcf, or .xwd image file, which triggers a heap-based buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-4987 Off-by-one error allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a last seen 2020-06-01 modified 2020-06-02 plugin id 44723 published 2010-02-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44723 title Debian DSA-1858-1 : imagemagick - multiple vulnerabilities NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0145.NASL description Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux versions 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several heap-based buffer overflow flaws were found in ImageMagick. If a victim opened a specially crafted DCM or XWD file, an attacker could potentially execute arbitrary code on the victim last seen 2020-06-01 modified 2020-06-02 plugin id 31984 published 2008-04-18 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31984 title RHEL 3 / 4 / 5 : ImageMagick (RHSA-2008:0145) NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2007-147.NASL description A number of vulnerabilities were discovered in how ImageMagick handles DCM and XWD image files. If a user were tricked into processing a specially crafted image file with an application that uses ImageMagick, an attacker could cause a heap-based buffer overflow and possibly execute arbitrary code with the user last seen 2020-06-01 modified 2020-06-02 plugin id 25750 published 2007-07-23 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/25750 title Mandrake Linux Security Advisory : ImageMagick (MDKSA-2007:147) NASL family SuSE Local Security Checks NASL id SUSE_GRAPHICSMAGICK-3129.NASL description This update of GraphicsMagick fixes three integer overflow in DCM and XWD code. These bugs can be exploited remotely via other application. (CVE-2007-1667,CVE-2007-1797) last seen 2020-06-01 modified 2020-06-02 plugin id 27103 published 2007-10-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27103 title openSUSE 10 Security Update : GraphicsMagick (GraphicsMagick-3129)
Oval
| accepted | 2013-04-29T04:18:35.837-04:00 | ||||||||||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||||||||||
| description | Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667. | ||||||||||||||||||||||||||||||||
| family | unix | ||||||||||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:9254 | ||||||||||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||||||||||||||
| title | Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667. | ||||||||||||||||||||||||||||||||
| version | 27 |
Redhat
| advisories |
| ||||||||
| rpms |
|
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496
- http://secunia.com/advisories/24721
- http://secunia.com/advisories/24739
- http://secunia.com/advisories/25072
- http://secunia.com/advisories/25206
- http://secunia.com/advisories/25992
- http://secunia.com/advisories/26177
- http://secunia.com/advisories/29786
- http://secunia.com/advisories/29857
- http://secunia.com/advisories/36260
- http://security.gentoo.org/glsa/glsa-200705-13.xml
- http://www.debian.org/security/2009/dsa-1858
- http://www.imagemagick.org/script/changelog.php
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:147
- http://www.novell.com/linux/security/advisories/2007_8_sr.html
- http://www.redhat.com/support/errata/RHSA-2008-0145.html
- http://www.redhat.com/support/errata/RHSA-2008-0165.html
- http://www.securityfocus.com/bid/23252
- http://www.securityfocus.com/bid/23347
- http://www.securitytracker.com/id?1017839
- http://www.ubuntu.com/usn/usn-481-1
- http://www.vupen.com/english/advisories/2007/1200
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33376
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33377
- https://issues.foresightlinux.org/browse/FL-222
- https://issues.rpath.com/browse/RPL-1205
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9254