Bug 192279 - CVE-2006-2440 ImageMagick heap overflow
CVE-2006-2440 ImageMagick heap overflow
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: ImageMagick (Show other bugs)
5
All Linux
medium Severity low
: ---
: ---
Assigned To: Norm Murray
public=20060102,source=cve,impact=low...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-05-18 14:51 EDT by Josh Bressers
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version: ImageMagick-6.2.5.4-4.2.1.fc5.2 and ImageMagick-6.2.2.0-3.fc4.2
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-10-13 07:54:26 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Josh Bressers 2006-05-18 14:51:55 EDT
ImageMagick heap overflow

ImageMagick's DisplayImageCommand contains a heap overflow flaw.  It
is possible to pass an unexpanded glob to ImageMagick which will be
expanded by ImageMagick and overflow heap memory.

The patch and more information can be found in the Debian bug:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595


This issue also affects FC4
Comment 1 Fedora Update System 2006-05-24 19:30:03 EDT
ImageMagick-6.2.5.4-4.2.1.fc5.2 has been pushed for fc5, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.
Comment 2 David Eisenstein 2006-10-13 07:54:26 EDT
This bug also seems to track the fc4 version of ImageMagick.

As noted above, ImageMagick-6.2.5.4-4.2.1.fc5.2 was pushed to updates for fc5.
<http://www.redhat.com/archives/fedora-package-announce/2006-May/msg00125.html>.

Also, ImageMagick-6.2.2.0-3.fc4.2 was pushed to updates for fc4.
<http://www.redhat.com/archives/fedora-package-announce/2006-May/msg00124.html>.

For some reason, when these were pushed (by Matthias Clasen?), this bug was
not closed, even though it appears that the Fedora Updates System posted news
of the fc5 version in comment #1.

Closing, ERRATA.

Note You need to log in before you can comment on or make changes to this bug.