|
|
>> Fedora Security Update Fixes ImageMagick DCM and XWD Format String Vulnerabilities
|
Title : Fedora Security Update Fixes ImageMagick DCM and XWD Format String Vulnerabilities
VUPEN ID : VUPEN/ADV-2007-1290
CVE ID : CVE-2007-1797
Rated as : High Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-04-09
|
Fedora has released security updates to address multiple vulnerabilities identified in ImageMagick. These issues could be exploited by attackers to execute arbitrary commands. For additional information, see : VUPEN/ADV-2007-1200
Affected Products
Fedora Core 6
Fedora Core 5
Solution
Upgrade the affected packages :
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
a890950772a3eb10abc72f50c12114a4b136393e SRPMS/ImageMagick-6.2.8.0-4.fc6.src.rpm
a890950772a3eb10abc72f50c12114a4b136393e noarch/ImageMagick-6.2.8.0-4.fc6.src.rpm
83e079f97399e142bc5e22ade484eb4ec4d7aef0 ppc/ImageMagick-perl-6.2.8.0-4.fc6.ppc.rpm
d797b80e30c7f32493ce298218ea70c74ec09785 ppc/ImageMagick-devel-6.2.8.0-4.fc6.ppc.rpm
c5011fac353c032d4293471fc5a5c17e54b6798c ppc/ImageMagick-6.2.8.0-4.fc6.ppc.rpm
c5e1d076d9a3789fce9bb757f3bd01d1365c69f1 ppc/ImageMagick-c++-devel-6.2.8.0-4.fc6.ppc.rpm
167fb9efb04e4cccbc5c665f344fcb07e1f1d5c6 ppc/debug/ImageMagick-debuginfo-6.2.8.0-4.fc6.ppc.rpm
fdde2c3832ec1e44dd719d3e1b1567c746eefec5 ppc/ImageMagick-c++-6.2.8.0-4.fc6.ppc.rpm
42e5fd8174d9c55712192253f16dda5beaf5b443 x86_64/ImageMagick-6.2.8.0-4.fc6.x86_64.rpm
59bdeab4b7b3ef0f892b1aae121a1f3607496dc6 x86_64/ImageMagick-c++-6.2.8.0-4.fc6.x86_64.rpm
89fcc180733b6c5870f30f1111b5a602bc279e17 x86_64/debug/ImageMagick-debuginfo-6.2.8.0-4.fc6.x86_64.rpm
fe1e65588d0a5441a360906acef40429561695c9 x86_64/ImageMagick-perl-6.2.8.0-4.fc6.x86_64.rpm
adbabbc6e66831f7ec0831b51c16d3645add65d8 x86_64/ImageMagick-c++-devel-6.2.8.0-4.fc6.x86_64.rpm
575031bb0e4933cd2735212843ec827a5c937f17 x86_64/ImageMagick-devel-6.2.8.0-4.fc6.x86_64.rpm
520befe927219b130c40b994f9dfd96ccb2ad94c i386/ImageMagick-perl-6.2.8.0-4.fc6.i386.rpm
f22b3f88b69c2eb5ee5d2e96a8095e3bfb2047c8 i386/ImageMagick-devel-6.2.8.0-4.fc6.i386.rpm
ee9df91ae0f608d93eeab3089ca14153f675f944 i386/ImageMagick-c++-6.2.8.0-4.fc6.i386.rpm
5fb2e1235d5c7ca2e5431ab69ab391d47e00c99d i386/ImageMagick-c++-devel-6.2.8.0-4.fc6.i386.rpm
adc1367564108fb36f811bac24712124a726d48f i386/ImageMagick-6.2.8.0-4.fc6.i386.rpm
3d578564178d10b4b88792595d5ce2bec4c161e0 i386/debug/ImageMagick-debuginfo-6.2.8.0-4.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
78737b8ef33d0b0995ff6f0710eef7c40c52d70c SRPMS/ImageMagick-6.2.5.4-4.2.1.fc5.8.src.rpm
78737b8ef33d0b0995ff6f0710eef7c40c52d70c noarch/ImageMagick-6.2.5.4-4.2.1.fc5.8.src.rpm
895bfe97b87a8d696f0fd4dd848850cfd5554859 ppc/ImageMagick-6.2.5.4-4.2.1.fc5.8.ppc.rpm
5abd956e9a0b16ce1b23724329dc69f18261c872 ppc/debug/ImageMagick-debuginfo-6.2.5.4-4.2.1.fc5.8.ppc.rpm
9f98d5f3d3d24cbb571adb8228fbdea5ae9c8670 ppc/ImageMagick-devel-6.2.5.4-4.2.1.fc5.8.ppc.rpm
afec651139af4bda0518727b6aaab05f01b22f80 ppc/ImageMagick-c++-devel-6.2.5.4-4.2.1.fc5.8.ppc.rpm
f9cf139cd2ab15067076bc275606bdaa24ba7d24 ppc/ImageMagick-c++-6.2.5.4-4.2.1.fc5.8.ppc.rpm
1cc96736991b1b44f337344b56ac46100a5c9d3f ppc/ImageMagick-perl-6.2.5.4-4.2.1.fc5.8.ppc.rpm
47a6c0394923b06d3e07247d78bb39a08540a63e x86_64/ImageMagick-c++-devel-6.2.5.4-4.2.1.fc5.8.x86_64.rpm
91d04e58ebde3d0387261912666c630702c4351c x86_64/ImageMagick-c++-6.2.5.4-4.2.1.fc5.8.x86_64.rpm
098fb97517297cc928102d55c6ee8b47bebb8c3f x86_64/ImageMagick-6.2.5.4-4.2.1.fc5.8.x86_64.rpm
276ae73d884cefc3d9a319efdfb28ac299e2ba5d x86_64/debug/ImageMagick-debuginfo-6.2.5.4-4.2.1.fc5.8.x86_64.rpm
5b823604bb151146318811b5962148a1aabbc6fc x86_64/ImageMagick-perl-6.2.5.4-4.2.1.fc5.8.x86_64.rpm
083de469ea9465377af9df06d09fb1d71093d9f6 x86_64/ImageMagick-devel-6.2.5.4-4.2.1.fc5.8.x86_64.rpm
c49ac41a1e49ced269cc6bde1314943d9310acdc i386/ImageMagick-6.2.5.4-4.2.1.fc5.8.i386.rpm
b7ed36c18672069fb8565d7ebe65540a63640a45 i386/ImageMagick-c++-devel-6.2.5.4-4.2.1.fc5.8.i386.rpm
17173a9f06fedc007110974b1e1adc21fca826a4 i386/ImageMagick-perl-6.2.5.4-4.2.1.fc5.8.i386.rpm
07730fa983077e5b9ad2219ec64364b8cb93216e i386/debug/ImageMagick-debuginfo-6.2.5.4-4.2.1.fc5.8.i386.rpm
3925dfee04b0324d0f584ca3055bf5ee3d02df34 i386/ImageMagick-c++-6.2.5.4-4.2.1.fc5.8.i386.rpm
21c74dea77e5769eb7f7312ea8f124b4f066d196 i386/ImageMagick-devel-6.2.5.4-4.2.1.fc5.8.i386.rpm
References
http://www.vupen.com/english/advisories/2007/1290
https://www.redhat.com/archives/fedora-package-announce/2007-April/msg00017.html
https://www.redhat.com/archives/fedora-package-announce/2007-April/msg00047.html
ChangeLog
2007-04-09 : Initial release
2007-04-17 : Updated Solution
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
