Bug 176925 - CVE-2006-0082 ImageMagick format string vulnerability.
CVE-2006-0082 ImageMagick format string vulnerability.
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: ImageMagick (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Matthias Clasen
Mike McLean
: Security
Depends On:
  Show dependency treegraph
Reported: 2006-01-04 09:14 EST by Josh Bressers
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version: RHSA-2006-0178
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-02-14 11:08:09 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
patch for 6.2.5 (Rawhide) (1.52 KB, patch)
2006-01-04 12:05 EST, Matthias Clasen
no flags Details | Diff
patch for 6.0.7 (RHEL 4) (846 bytes, patch)
2006-01-04 13:52 EST, Matthias Clasen
no flags Details | Diff
patch for 5.5.6 (RHEL 3) (802 bytes, patch)
2006-01-04 13:54 EST, Matthias Clasen
no flags Details | Diff
patch for 5.3.8 (RHEL 2.1) (800 bytes, patch)
2006-01-04 13:55 EST, Matthias Clasen
no flags Details | Diff

  None (edit)
Description Josh Bressers 2006-01-04 09:14:11 EST
ImageMagick format string vulnerability.

The fix for CVE-2005-0397 is incomplete.  As the Debian bug suggests,
by running a command such as:

convert file.jpg file%d%n.jpg

A segfault will result in ImageMagick.


This issue also affects RHEL3
This issue also affects RHEL2.1
Comment 1 Matthias Clasen 2006-01-04 12:04:07 EST
The fix in the debian bug is incomplete, the same code is repeated in blob.c
Comment 2 Matthias Clasen 2006-01-04 12:05:34 EST
Created attachment 122767 [details]
patch for 6.2.5 (Rawhide)
Comment 3 Matthias Clasen 2006-01-04 13:52:42 EST
Created attachment 122771 [details]
patch for 6.0.7 (RHEL 4)
Comment 4 Matthias Clasen 2006-01-04 13:54:29 EST
Created attachment 122772 [details]
patch for 5.5.6 (RHEL 3)
Comment 5 Matthias Clasen 2006-01-04 13:55:30 EST
Created attachment 122773 [details]
patch for 5.3.8 (RHEL 2.1)
Comment 6 Matthias Clasen 2006-01-06 13:51:01 EST
The fixes are contained in 
ImageMagick- (RHEL4)
ImageMagick-5.5.6-17 (RHEL 3)
ImageMagick-5.3.8-14 (RHEL 2.1)
Comment 9 Red Hat Bugzilla 2006-02-14 11:08:09 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.