SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Multimedia)  >   ImageMagick Vendors:   ImageMagick.org
(Mandrake Issues Fix) ImageMagick BMP Decoding Buffer Overflow Lets Remote Users Crash the Application
SecurityTracker Alert ID:  1011391
SecurityTracker URL:  http://securitytracker.com/id/1011391
CVE Reference:   CVE-2004-0827   (Links to External Site)
Date:  Sep 23 2004
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 6.0.6-2
Description:   A buffer overflow vulnerability was reported in ImageMagick. A remote user can cause ImageMagick to crash.

The vendor reported that a remote user can create a specially crafted BMP image file containing runlength-encoded images that, when decoded by the target user, will cause ImageMagick to crash.

A demonstration exploit image is available at:

http://bugzilla.gnome.org/attachment.cgi?id=30933&action=view

Impact:   A remote user can create a BMP file that, when decoded by the target user, will cause ImageMagick to crash.
Solution:   Mandrake has released a fix.

Mandrakelinux 10.0:
e0d33be5141bfa0b6d013e22204419dd 10.0/RPMS/ImageMagick-5.5.7.15-6.1.100mdk.i586.rpm
826f4b832385039c1835dfd546e51e5d 10.0/RPMS/ImageMagick-doc-5.5.7.15-6.1.100mdk.i586.rpm
9499f47a8af648b0f96c620590d8e2f8 10.0/RPMS/libMagick5.5.7-5.5.7.15-6.1.100mdk.i586.rpm
3e4a3b0039d0d5f78064f0ba4c8c5388 10.0/RPMS/libMagick5.5.7-devel-5.5.7.15-6.1.100mdk.i586.rpm
b741e8cecbbd13bd15a54a396e59b914 10.0/RPMS/perl-Magick-5.5.7.15-6.1.100mdk.i586.rpm
0d11ea3ef8787c2b04f5b65ed3ccdbde 10.0/SRPMS/ImageMagick-5.5.7.15-6.1.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
58ca93e0ef1c1e1d749a3047e292ee3c amd64/10.0/RPMS/ImageMagick-5.5.7.15-6.1.100mdk.amd64.rpm
8b60b43ba1fa7283799960c24804d3f9 amd64/10.0/RPMS/ImageMagick-doc-5.5.7.15-6.1.100mdk.amd64.rpm
464bd971bfd44076dfe29e59875b2bb4 amd64/10.0/RPMS/lib64Magick5.5.7-5.5.7.15-6.1.100mdk.amd64.rpm
17dd5dad3d9d5de56f88cdae6aadb14c amd64/10.0/RPMS/lib64Magick5.5.7-devel-5.5.7.15-6.1.100mdk.amd64.rpm
9d68bca88077c35abc41ec456b4a9526 amd64/10.0/RPMS/perl-Magick-5.5.7.15-6.1.100mdk.amd64.rpm
0d11ea3ef8787c2b04f5b65ed3ccdbde amd64/10.0/SRPMS/ImageMagick-5.5.7.15-6.1.100mdk.src.rpm

Corporate Server 2.1:
6d439c325ad66f229149a0a4cb34d9d3 corporate/2.1/RPMS/ImageMagick-5.4.8.3-2.1.C21mdk.i586.rpm
05f2891d63884af9bbab27b857a97cd9 corporate/2.1/RPMS/libMagick5-5.4.8.3-2.1.C21mdk.i586.rpm
e7ed78117793fb6694c472405937d737 corporate/2.1/RPMS/libMagick5-devel-5.4.8.3-2.1.C21mdk.i586.rpm
45b737c64a896eebddaf83691b995479 corporate/2.1/RPMS/perl-Magick-5.4.8.3-2.1.C21mdk.i586.rpm
6b931bb88f72a454a38f5ac45d6474c3 corporate/2.1/SRPMS/ImageMagick-5.4.8.3-2.1.C21mdk.src.rpm

Corporate Server 2.1/x86_64:
8bf02e24638562da3db142666e60182c x86_64/corporate/2.1/RPMS/ImageMagick-5.4.8.3-2.1.C21mdk.x86_64.rpm
052c5e5f275cb21ce37bd7d6334d12d1 x86_64/corporate/2.1/RPMS/libMagick5-5.4.8.3-2.1.C21mdk.x86_64.rpm
984fdf326480ee7470c5f98b24baf07e x86_64/corporate/2.1/RPMS/libMagick5-devel-5.4.8.3-2.1.C21mdk.x86_64.rpm
8c16b6f7a2098b1aa03b74b2ea184922 x86_64/corporate/2.1/RPMS/perl-Magick-5.4.8.3-2.1.C21mdk.x86_64.rpm
6b931bb88f72a454a38f5ac45d6474c3 x86_64/corporate/2.1/SRPMS/ImageMagick-5.4.8.3-2.1.C21mdk.src.rpm

Mandrakelinux 9.2:
abbbed347fae9483f334737d1b9a1bbd 9.2/RPMS/ImageMagick-5.5.7.10-7.1.92mdk.i586.rpm
0de435dfd5a8ed03dc553bd5250a917d 9.2/RPMS/libMagick5.5.7-5.5.7.10-7.1.92mdk.i586.rpm
080f77b2b43fbfaad76ec90031e4f267 9.2/RPMS/libMagick5.5.7-devel-5.5.7.10-7.1.92mdk.i586.rpm
ffe89c240ee427f7059ea00a106bcb2b 9.2/RPMS/perl-Magick-5.5.7.10-7.1.92mdk.i586.rpm
0d11ea3ef8787c2b04f5b65ed3ccdbde 9.2/SRPMS/ImageMagick-5.5.7.15-6.1.100mdk.src.rpm

Mandrakelinux 9.2/AMD64:
d0f05cf8b87697c22e4a745cfd7b619d amd64/9.2/RPMS/ImageMagick-5.5.7.10-7.1.92mdk.amd64.rpm
5fd03959e72c269e8c3bb946f808b08d amd64/9.2/RPMS/lib64Magick5.5.7-5.5.7.10-7.1.92mdk.amd64.rpm
1e579e8b745e89336d354602165511f5 amd64/9.2/RPMS/lib64Magick5.5.7-devel-5.5.7.10-7.1.92mdk.amd64.rpm
0d51cb15a1ea7ba74981a40722477118 amd64/9.2/RPMS/perl-Magick-5.5.7.10-7.1.92mdk.amd64.rpm
0d11ea3ef8787c2b04f5b65ed3ccdbde amd64/9.2/SRPMS/ImageMagick-5.5.7.15-6.1.100mdk.src.rpm

Vendor URL:  www.imagemagick.org/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Mandriva/Mandrake)
Underlying OS Comments:  10.0, 9.2, Corporate Server 2.1

Message History:   This archive entry is a follow-up to the message listed below.
Aug 31 2004 ImageMagick BMP Decoding Buffer Overflow Lets Remote Users Crash the Application



 Source Message Contents

Subject:  [Security Announce] MDKSA-2004:102 - Updated ImageMagick packages


This is a multi-part message in MIME format...

------------=_1095889935-12666-6002

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           ImageMagick
 Advisory ID:            MDKSA-2004:102
 Date:                   September 22nd, 2004

 Affected versions:	 10.0, 9.2, Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 Several buffer overflow vulnerabilities in ImageMagick were discovered
 by Marcus Meissner from SUSE.  These vulnerabilities would allow an
 attacker to create a malicious image or video file in AVI, BMP, or DIB
 formats which could crash the reading process.  It may be possible to
 create malicious images that could also allow for the execution of
 arbitray code with the privileges of the invoking user or process.
 
 The updated packages provided are patched to correct these problems.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0827
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 e0d33be5141bfa0b6d013e22204419dd  10.0/RPMS/ImageMagick-5.5.7.15-6.1.100mdk.i586.rpm
 826f4b832385039c1835dfd546e51e5d  10.0/RPMS/ImageMagick-doc-5.5.7.15-6.1.100mdk.i586.rpm
 9499f47a8af648b0f96c620590d8e2f8  10.0/RPMS/libMagick5.5.7-5.5.7.15-6.1.100mdk.i586.rpm
 3e4a3b0039d0d5f78064f0ba4c8c5388  10.0/RPMS/libMagick5.5.7-devel-5.5.7.15-6.1.100mdk.i586.rpm
 b741e8cecbbd13bd15a54a396e59b914  10.0/RPMS/perl-Magick-5.5.7.15-6.1.100mdk.i586.rpm
 0d11ea3ef8787c2b04f5b65ed3ccdbde  10.0/SRPMS/ImageMagick-5.5.7.15-6.1.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 58ca93e0ef1c1e1d749a3047e292ee3c  amd64/10.0/RPMS/ImageMagick-5.5.7.15-6.1.100mdk.amd64.rpm
 8b60b43ba1fa7283799960c24804d3f9  amd64/10.0/RPMS/ImageMagick-doc-5.5.7.15-6.1.100mdk.amd64.rpm
 464bd971bfd44076dfe29e59875b2bb4  amd64/10.0/RPMS/lib64Magick5.5.7-5.5.7.15-6.1.100mdk.amd64.rpm
 17dd5dad3d9d5de56f88cdae6aadb14c  amd64/10.0/RPMS/lib64Magick5.5.7-devel-5.5.7.15-6.1.100mdk.amd64.rpm
 9d68bca88077c35abc41ec456b4a9526  amd64/10.0/RPMS/perl-Magick-5.5.7.15-6.1.100mdk.amd64.rpm
 0d11ea3ef8787c2b04f5b65ed3ccdbde  amd64/10.0/SRPMS/ImageMagick-5.5.7.15-6.1.100mdk.src.rpm

 Corporate Server 2.1:
 6d439c325ad66f229149a0a4cb34d9d3  corporate/2.1/RPMS/ImageMagick-5.4.8.3-2.1.C21mdk.i586.rpm
 05f2891d63884af9bbab27b857a97cd9  corporate/2.1/RPMS/libMagick5-5.4.8.3-2.1.C21mdk.i586.rpm
 e7ed78117793fb6694c472405937d737  corporate/2.1/RPMS/libMagick5-devel-5.4.8.3-2.1.C21mdk.i586.rpm
 45b737c64a896eebddaf83691b995479  corporate/2.1/RPMS/perl-Magick-5.4.8.3-2.1.C21mdk.i586.rpm
 6b931bb88f72a454a38f5ac45d6474c3  corporate/2.1/SRPMS/ImageMagick-5.4.8.3-2.1.C21mdk.src.rpm

 Corporate Server 2.1/x86_64:
 8bf02e24638562da3db142666e60182c  x86_64/corporate/2.1/RPMS/ImageMagick-5.4.8.3-2.1.C21mdk.x86_64.rpm
 052c5e5f275cb21ce37bd7d6334d12d1  x86_64/corporate/2.1/RPMS/libMagick5-5.4.8.3-2.1.C21mdk.x86_64.rpm
 984fdf326480ee7470c5f98b24baf07e  x86_64/corporate/2.1/RPMS/libMagick5-devel-5.4.8.3-2.1.C21mdk.x86_64.rpm
 8c16b6f7a2098b1aa03b74b2ea184922  x86_64/corporate/2.1/RPMS/perl-Magick-5.4.8.3-2.1.C21mdk.x86_64.rpm
 6b931bb88f72a454a38f5ac45d6474c3  x86_64/corporate/2.1/SRPMS/ImageMagick-5.4.8.3-2.1.C21mdk.src.rpm

 Mandrakelinux 9.2:
 abbbed347fae9483f334737d1b9a1bbd  9.2/RPMS/ImageMagick-5.5.7.10-7.1.92mdk.i586.rpm
 0de435dfd5a8ed03dc553bd5250a917d  9.2/RPMS/libMagick5.5.7-5.5.7.10-7.1.92mdk.i586.rpm
 080f77b2b43fbfaad76ec90031e4f267  9.2/RPMS/libMagick5.5.7-devel-5.5.7.10-7.1.92mdk.i586.rpm
 ffe89c240ee427f7059ea00a106bcb2b  9.2/RPMS/perl-Magick-5.5.7.10-7.1.92mdk.i586.rpm
 0d11ea3ef8787c2b04f5b65ed3ccdbde  9.2/SRPMS/ImageMagick-5.5.7.15-6.1.100mdk.src.rpm

 Mandrakelinux 9.2/AMD64:
 d0f05cf8b87697c22e4a745cfd7b619d  amd64/9.2/RPMS/ImageMagick-5.5.7.10-7.1.92mdk.amd64.rpm
 5fd03959e72c269e8c3bb946f808b08d  amd64/9.2/RPMS/lib64Magick5.5.7-5.5.7.10-7.1.92mdk.amd64.rpm
 1e579e8b745e89336d354602165511f5  amd64/9.2/RPMS/lib64Magick5.5.7-devel-5.5.7.10-7.1.92mdk.amd64.rpm
 0d51cb15a1ea7ba74981a40722477118  amd64/9.2/RPMS/perl-Magick-5.5.7.10-7.1.92mdk.amd64.rpm
 0d11ea3ef8787c2b04f5b65ed3ccdbde  amd64/9.2/SRPMS/ImageMagick-5.5.7.15-6.1.100mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBUfCrmqjQ0CJFipgRAlaOAJ90flh/uUKae/g/JMa6z/wb8IEOzACg9l9j
4orjN6fbRO5eKAL2xRMYuuI=
=dxxd
-----END PGP SIGNATURE-----


------------=_1095889935-12666-6002
Content-Type: text/plain; name="message.footer"
Content-Disposition: inline; filename="message.footer"
Content-Transfer-Encoding: 8bit

____________________________________________________
Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________

------------=_1095889935-12666-6002--

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC