Bug 176925 - CVE-2006-0082 ImageMagick format string vulnerability.
CVE-2006-0082 ImageMagick format string vulnerability.
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: ImageMagick (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Matthias Clasen
Mike McLean
reported=20060104,public=20060104,sou...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-01-04 09:14 EST by Josh Bressers
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version: RHSA-2006-0178
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-14 11:08:09 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch for 6.2.5 (Rawhide) (1.52 KB, patch)
2006-01-04 12:05 EST, Matthias Clasen
no flags Details | Diff
patch for 6.0.7 (RHEL 4) (846 bytes, patch)
2006-01-04 13:52 EST, Matthias Clasen
no flags Details | Diff
patch for 5.5.6 (RHEL 3) (802 bytes, patch)
2006-01-04 13:54 EST, Matthias Clasen
no flags Details | Diff
patch for 5.3.8 (RHEL 2.1) (800 bytes, patch)
2006-01-04 13:55 EST, Matthias Clasen
no flags Details | Diff

  None (edit)
Description Josh Bressers 2006-01-04 09:14:11 EST
ImageMagick format string vulnerability.

The fix for CVE-2005-0397 is incomplete.  As the Debian bug suggests,
by running a command such as:

convert file.jpg file%d%n.jpg

A segfault will result in ImageMagick.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876


This issue also affects RHEL3
This issue also affects RHEL2.1
Comment 1 Matthias Clasen 2006-01-04 12:04:07 EST
The fix in the debian bug is incomplete, the same code is repeated in blob.c
Comment 2 Matthias Clasen 2006-01-04 12:05:34 EST
Created attachment 122767 [details]
patch for 6.2.5 (Rawhide)
Comment 3 Matthias Clasen 2006-01-04 13:52:42 EST
Created attachment 122771 [details]
patch for 6.0.7 (RHEL 4)
Comment 4 Matthias Clasen 2006-01-04 13:54:29 EST
Created attachment 122772 [details]
patch for 5.5.6 (RHEL 3)
Comment 5 Matthias Clasen 2006-01-04 13:55:30 EST
Created attachment 122773 [details]
patch for 5.3.8 (RHEL 2.1)
Comment 6 Matthias Clasen 2006-01-06 13:51:01 EST
The fixes are contained in 
ImageMagick-6.0.7.1-14 (RHEL4)
ImageMagick-5.5.6-17 (RHEL 3)
ImageMagick-5.3.8-14 (RHEL 2.1)
Comment 9 Red Hat Bugzilla 2006-02-14 11:08:09 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0178.html

Note You need to log in before you can comment on or make changes to this bug.