|
|
>> Mandriva Security Update Fixes ImageMagick Buffer Overflow Vulnerabilities
|
Title : Mandriva Security Update Fixes ImageMagick Buffer Overflow Vulnerabilities
VUPEN ID : VUPEN/ADV-2006-4271
CVE ID : CVE-2006-5456
Rated as : High Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-10-31
|
Mandriva has released security updates to address multiple vulnerabilities identified in ImageMagick. These flaws could be exploited by attackers to execute arbitrary commands. For additional information, see : VUPEN/ADV-2006-4171
Affected Products
Mandriva Linux 2006.0
Mandriva Linux 2007.0
Corporate 3.0
Corporate 4.0
Solution
Upgrade the affected packages :
Mandriva Linux 2006.0:
9cff2af0f77ac36aa384c7c4514f36f0 2006.0/i586/ImageMagick-6.2.4.3-1.3.20060mdk.i586.rpm
8405ecc145ef62333e6b4e786c3c140e 2006.0/i586/ImageMagick-doc-6.2.4.3-1.3.20060mdk.i586.rpm
296450899da34bbde2d56e5259686d96 2006.0/i586/libMagick8.4.2-6.2.4.3-1.3.20060mdk.i586.rpm
bc576e4aa2425b60d38c97d783c982c0 2006.0/i586/libMagick8.4.2-devel-6.2.4.3-1.3.20060mdk.i586.rpm
2154b0021e296482ea3e3d8880559dcb 2006.0/i586/perl-Image-Magick-6.2.4.3-1.3.20060mdk.i586.rpm
5302895646e0bccbe9c0c5c1f4e11cec 2006.0/SRPMS/ImageMagick-6.2.4.3-1.3.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64:
37c26759a68c17030f75043060cfc2b4 2006.0/x86_64/ImageMagick-6.2.4.3-1.3.20060mdk.x86_64.rpm
4f88d24083c634afe7860e24075151ca 2006.0/x86_64/ImageMagick-doc-6.2.4.3-1.3.20060mdk.x86_64.rpm
274785820d8543a27aa254ff6a086ef2 2006.0/x86_64/lib64Magick8.4.2-6.2.4.3-1.3.20060mdk.x86_64.rpm
02a7e7432374fcb5ace201bab9a6e1d7 2006.0/x86_64/lib64Magick8.4.2-devel-6.2.4.3-1.3.20060mdk.x86_64.rpm
ac8846ce3a292e4b1ffc791c10a20a74 2006.0/x86_64/perl-Image-Magick-6.2.4.3-1.3.20060mdk.x86_64.rpm
5302895646e0bccbe9c0c5c1f4e11cec 2006.0/SRPMS/ImageMagick-6.2.4.3-1.3.20060mdk.src.rpm
Mandriva Linux 2007.0:
259fc249b1dbbf6c58257b6908532140 2007.0/i586/ImageMagick-6.2.9.2-1.1mdv2007.0.i586.rpm
c8ff934b06f802278f7bcd3c9d3bab96 2007.0/i586/ImageMagick-doc-6.2.9.2-1.1mdv2007.0.i586.rpm
b72caa9c374ca69892255cddc521b073 2007.0/i586/libMagick10.4.0-6.2.9.2-1.1mdv2007.0.i586.rpm
0a6d767cf14550aa8a20215e01873272 2007.0/i586/libMagick10.4.0-devel-6.2.9.2-1.1mdv2007.0.i586.rpm
259991496195ecf4e7d75cc96f4f4235 2007.0/i586/perl-Image-Magick-6.2.9.2-1.1mdv2007.0.i586.rpm
5db799ea7e3150a4d124cc8468418163 2007.0/SRPMS/ImageMagick-6.2.9.2-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
5957de896d84e071fc73e32d184b9ff5 2007.0/x86_64/ImageMagick-6.2.9.2-1.1mdv2007.0.x86_64.rpm
2b91a2815b70a243f99b88c62664b5dc 2007.0/x86_64/ImageMagick-doc-6.2.9.2-1.1mdv2007.0.x86_64.rpm
92b14592306acfab456d2b6fe0c335cd 2007.0/x86_64/lib64Magick10.4.0-6.2.9.2-1.1mdv2007.0.x86_64.rpm
779dd5bf3491a3a3fffcbe542e761d79 2007.0/x86_64/lib64Magick10.4.0-devel-6.2.9.2-1.1mdv2007.0.x86_64.rpm
173459bbde013ce76a500b3316cac9eb 2007.0/x86_64/perl-Image-Magick-6.2.9.2-1.1mdv2007.0.x86_64.rpm
5db799ea7e3150a4d124cc8468418163 2007.0/SRPMS/ImageMagick-6.2.9.2-1.1mdv2007.0.src.rpm
Corporate 3.0:
3c3e93caa3752c6a83bf258a7c13f3dc corporate/3.0/i586/ImageMagick-5.5.7.15-6.8.C30mdk.i586.rpm
280341a8df9e0505ab906e8da7ad0558 corporate/3.0/i586/ImageMagick-doc-5.5.7.15-6.8.C30mdk.i586.rpm
650c884639355e492ee879a7cfbddbc7 corporate/3.0/i586/libMagick5.5.7-5.5.7.15-6.8.C30mdk.i586.rpm
13ccb4cb86f566cd0c811109a9dc0dd1 corporate/3.0/i586/libMagick5.5.7-devel-5.5.7.15-6.8.C30mdk.i586.rpm
48035e977de33e09b908a3f512f94e72 corporate/3.0/i586/perl-Magick-5.5.7.15-6.8.C30mdk.i586.rpm
c7894af769352505f059b0e16b9a34cc corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.8.C30mdk.src.rpm
Corporate 3.0/X86_64:
a096885d2bcaa9820c17e1a4dd71b5e3 corporate/3.0/x86_64/ImageMagick-5.5.7.15-6.8.C30mdk.x86_64.rpm
77d7216b6c3c92802470c929bf3fadc1 corporate/3.0/x86_64/ImageMagick-doc-5.5.7.15-6.8.C30mdk.x86_64.rpm
b8831dbe0e86ef1d86219c6d9e66f62e corporate/3.0/x86_64/lib64Magick5.5.7-5.5.7.15-6.8.C30mdk.x86_64.rpm
e86dd59f34359230ea5fc7b58cb2a59e corporate/3.0/x86_64/lib64Magick5.5.7-devel-5.5.7.15-6.8.C30mdk.x86_64.rpm
a6d2ee48d4c91ba79b31d26b5f1e83b4 corporate/3.0/x86_64/perl-Magick-5.5.7.15-6.8.C30mdk.x86_64.rpm
c7894af769352505f059b0e16b9a34cc corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.8.C30mdk.src.rpm
Corporate 4.0:
44b50bffc31a13fa724e923e407e5704 corporate/4.0/i586/ImageMagick-6.2.4.3-1.3.20060mlcs4.i586.rpm
5efe5a1942bed2207adf2d3b2c36e46b corporate/4.0/i586/ImageMagick-doc-6.2.4.3-1.3.20060mlcs4.i586.rpm
558d6f229a8fe1748bbded9e768810e7 corporate/4.0/i586/libMagick8.4.2-6.2.4.3-1.3.20060mlcs4.i586.rpm
ebe94e9238780355631db170fc2aaaad corporate/4.0/i586/libMagick8.4.2-devel-6.2.4.3-1.3.20060mlcs4.i586.rpm
fc13aa3e6ecfc36940080b9da42950a3 corporate/4.0/i586/perl-Image-Magick-6.2.4.3-1.3.20060mlcs4.i586.rpm
343443bbd8220c90bb032d524f63e503 corporate/4.0/SRPMS/ImageMagick-6.2.4.3-1.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
670292a2b380dd9fdc7643f13a9e3599 corporate/4.0/x86_64/ImageMagick-6.2.4.3-1.3.20060mlcs4.x86_64.rpm
decb45c0eada9bd5c51426b798ecc95e corporate/4.0/x86_64/ImageMagick-doc-6.2.4.3-1.3.20060mlcs4.x86_64.rpm
3ceb638aef243a6e9c3a26cc33809f0b corporate/4.0/x86_64/lib64Magick8.4.2-6.2.4.3-1.3.20060mlcs4.x86_64.rpm
6c4535cf487832fbed1e37ff9cd225a7 corporate/4.0/x86_64/lib64Magick8.4.2-devel-6.2.4.3-1.3.20060mlcs4.x86_64.rpm
3987e468326d5a5d647312e8da336b09 corporate/4.0/x86_64/perl-Image-Magick-6.2.4.3-1.3.20060mlcs4.x86_64.rpm
343443bbd8220c90bb032d524f63e503 corporate/4.0/SRPMS/ImageMagick-6.2.4.3-1.3.20060mlcs4.src.rpm
References
http://www.vupen.com/english/advisories/2006/4271
http://archives.mandrivalinux.com/security-announce/2006-10/msg00028.php
ChangeLog
2006-10-31 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
