VUPEN Security - Fedora Security Update Fixes ImageMagick Multiple Buffer Overflow Vulnerabilities / Exploit (Security Advisories)

	Contact \| Site en Français

Vulnerabilities & Threats

VUPEN Security Advisories

Linux Security Advisories

Malware Advisories

Security Research

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Fedora Security Update Fixes ImageMagick Multiple Buffer Overflow Vulnerabilities

Title : Fedora Security Update Fixes ImageMagick Multiple Buffer Overflow Vulnerabilities
VUPEN ID : VUPEN/ADV-2006-4679
CVE ID : CVE-2006-3743 - CVE-2006-4144 - CVE-2006-5456
Rated as : High Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-11-23

Technical Description

Receive VUPEN Security alerts in a Text format

Receive VUPEN Security alerts in a PDF format

Receive VUPEN Security alerts in an XML format

Fedora has released security updates to address multiple vulnerabilities identified in ImageMagick. These flaws could be exploited by attackers to execute arbitrary commands. For additional information, see : VUPEN/ADV-2006-4171 - VUPEN/ADV-2006-3375 - VUPEN/ADV-2006-3279

Affected Products

Fedora Core 6
Fedora Core 5

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

bd778974f50b7bd90eb0e0f5719dc7ab2dc31e30 SRPMS/ImageMagick-6.2.8.0-3.fc6.1.src.rpm
bd778974f50b7bd90eb0e0f5719dc7ab2dc31e30 noarch/ImageMagick-6.2.8.0-3.fc6.1.src.rpm
101eb23d4641351d9f6337ecf1acfa8ab0161306 ppc/debug/ImageMagick-debuginfo-6.2.8.0-3.fc6.1.ppc.rpm
e78f62889cd2b5968e7c129c3b1e5b2c94851a80 ppc/ImageMagick-c++-devel-6.2.8.0-3.fc6.1.ppc.rpm
bbf7de1a2d8a55b104f867f14d4206d57a60c713 ppc/ImageMagick-perl-6.2.8.0-3.fc6.1.ppc.rpm
6a94c1ff21f63c2f227970033c2899a66e0a30cc ppc/ImageMagick-c++-6.2.8.0-3.fc6.1.ppc.rpm
b7e415e1ca29791af7dc8c8b841fc49d6814f64a ppc/ImageMagick-devel-6.2.8.0-3.fc6.1.ppc.rpm
8233ebaeca2073931414d7dbe4a35a5f970526e2 ppc/ImageMagick-6.2.8.0-3.fc6.1.ppc.rpm
07d88dba255b6cdcf7527341be5e1a5d449bb646 x86_64/ImageMagick-c++-devel-6.2.8.0-3.fc6.1.x86_64.rpm
50ba7d52e9bb870d591a4a2d03239a92c6e79088 x86_64/ImageMagick-perl-6.2.8.0-3.fc6.1.x86_64.rpm
98fac1368c3684c7863b7b939b1efaa4af6b57ad x86_64/debug/ImageMagick-debuginfo-6.2.8.0-3.fc6.1.x86_64.rpm
1014d4dbdd08c141bf8b1ff65e313e59b9f6f7f7 x86_64/ImageMagick-devel-6.2.8.0-3.fc6.1.x86_64.rpm
f086eb7b9c5cfa13116e45cb00c38e41f7d36dab x86_64/ImageMagick-c++-6.2.8.0-3.fc6.1.x86_64.rpm
cac8707d1582b854421ceb6f098a68eba2ffd8af x86_64/ImageMagick-6.2.8.0-3.fc6.1.x86_64.rpm
b91b9b77605b2a2fb5e5a76333105049d8e4ffd9 i386/ImageMagick-6.2.8.0-3.fc6.1.i386.rpm
226933a8b544ea12c82324abe454afe3e4fb34a0 i386/ImageMagick-devel-6.2.8.0-3.fc6.1.i386.rpm
4409d0d5a6bdb9e0c8599ab0c1f56ecd94739a84 i386/ImageMagick-c++-6.2.8.0-3.fc6.1.i386.rpm
d9597f4176469dda88315e927104e8b9bf901ad9 i386/debug/ImageMagick-debuginfo-6.2.8.0-3.fc6.1.i386.rpm
3dced5a46c3c5679202a92c913067636e2a94967 i386/ImageMagick-perl-6.2.8.0-3.fc6.1.i386.rpm
25eaca9e8a0567d1526482fa5da41541966fdc18 i386/ImageMagick-c++-devel-6.2.8.0-3.fc6.1.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

5f5d5594213aa6a291c7cae27c763f195ae612d8 SRPMS/ImageMagick-6.2.5.4-4.2.1.fc5.7.src.rpm
5f5d5594213aa6a291c7cae27c763f195ae612d8 noarch/ImageMagick-6.2.5.4-4.2.1.fc5.7.src.rpm
a3935cfd56f1df9dbbc5d5a6900f01ab4cc7ff91 ppc/ImageMagick-perl-6.2.5.4-4.2.1.fc5.7.ppc.rpm
82ccf3edabbbe2a1b3914681e3394e82f9d2f809 ppc/debug/ImageMagick-debuginfo-6.2.5.4-4.2.1.fc5.7.ppc.rpm
3b2d17e74cc75a18ded67d1b90449905c01f2afc ppc/ImageMagick-c++-devel-6.2.5.4-4.2.1.fc5.7.ppc.rpm
89488aecc6fd484f05ab20290362add1c404a2dc ppc/ImageMagick-6.2.5.4-4.2.1.fc5.7.ppc.rpm
8e40874122b4c4379c4bc1b88cef7c63fa30ddb8 ppc/ImageMagick-c++-6.2.5.4-4.2.1.fc5.7.ppc.rpm
af3e31179cab28d86d265b8c91fdd5975222ea8d ppc/ImageMagick-devel-6.2.5.4-4.2.1.fc5.7.ppc.rpm
4c766d4cfefa1a7ce6a85b2bc92d8b1778b093a3 x86_64/ImageMagick-c++-devel-6.2.5.4-4.2.1.fc5.7.x86_64.rpm
715ec666dc5cde5dde550d287df11bb54b183a6d x86_64/debug/ImageMagick-debuginfo-6.2.5.4-4.2.1.fc5.7.x86_64.rpm
6720b9df5c77de1faea6d321c3b85137cc274bf9 x86_64/ImageMagick-6.2.5.4-4.2.1.fc5.7.x86_64.rpm
044ae0372b29db36ece7673ae795662fe7af2692 x86_64/ImageMagick-perl-6.2.5.4-4.2.1.fc5.7.x86_64.rpm
fd20e0ee644ff60b9a583b327f398f214c3b2b97 x86_64/ImageMagick-devel-6.2.5.4-4.2.1.fc5.7.x86_64.rpm
e5fbed195ccc21a77c02a456dd0e90e10462d15a x86_64/ImageMagick-c++-6.2.5.4-4.2.1.fc5.7.x86_64.rpm
bfb0c47b5bfe7d8d91c7b29ff54e1ee6c6892d8b i386/ImageMagick-c++-6.2.5.4-4.2.1.fc5.7.i386.rpm
42ba9987aa01d7686561ec7bcf6e9c92d372a3fd i386/debug/ImageMagick-debuginfo-6.2.5.4-4.2.1.fc5.7.i386.rpm
9b35bdfaa39ac0a479dd9a2a54f8695f57b1d5a3 i386/ImageMagick-c++-devel-6.2.5.4-4.2.1.fc5.7.i386.rpm
2f28a2cb44fa6c398003296b27e3a6ab3ade4519 i386/ImageMagick-6.2.5.4-4.2.1.fc5.7.i386.rpm
d4c61dcc78882315188d7c96abe7e527ec1f1c61 i386/ImageMagick-devel-6.2.5.4-4.2.1.fc5.7.i386.rpm
4a92473b93250ab1e7209957c6a55ce1e0d33994 i386/ImageMagick-perl-6.2.5.4-4.2.1.fc5.7.i386.rpm

References

http://www.vupen.com/english/advisories/2006/4679
https://www.redhat.com/archives/fedora-package-announce/2006-November/msg00170.html
https://www.redhat.com/archives/fedora-package-announce/2006-November/msg00171.html

ChangeLog

2006-11-23 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

Vulnerability Alerting

Free 14-Day Trial

Latest News

>> 2009-07-06

Microsoft Windows 0-Day
Flaw Exploited in the Wild

>> 2009-06-10

VUPEN Security Research
Discovered Critical Flaws
in Adobe Acrobat and MS
Office Word

>> 2009-06-02

VUPEN Security Research
Discovered Critical Flaws
in ACDSee Products

>> 2009-05-22

VUPEN Discovered Two
Critical Vulnerabilities in
Novell GroupWise 8 / 7

More Informations