| To: | security-announce@lists.rpath.com, update-announce@lists.rpath.com |
|---|---|
| Subject: | rPSA-2006-0218-1 ImageMagick |
| From: | rPath Update Announcements <announce-noreply@rpath.com> |
| Date: | Mon, 27 Nov 2006 10:42:59 -0500 |
| Cc: | full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com, lwn@lwn.net |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | bugtraq-list@securepoint.com |
| Delivered-to: | mailing list bugtraq@securityfocus.com |
| Delivered-to: | moderator for bugtraq@securityfocus.com |
| List-help: | <mailto:bugtraq-help@securityfocus.com> |
| List-id: | <bugtraq.list-id.securityfocus.com> |
| List-post: | <mailto:bugtraq@securityfocus.com> |
| List-subscribe: | <mailto:bugtraq-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:bugtraq-unsubscribe@securityfocus.com> |
| Mailing-list: | contact bugtraq-help@securityfocus.com; run by ezmlm |
| User-agent: | nail 11.22 3/20/05 |
rPath Security Advisory: 2006-0218-1
Published: 2006-11-27
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access
Updated Versions:
ImageMagick=/conary.rpath.com@rpl:devel//1/6.2.3.3-3.4-1
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4601
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0082
https://issues.rpath.com/browse/RPL-811
https://issues.rpath.com/browse/RPL-389
Description:
Previous versions of the ImageMagick package contained multiple
vulnerabilities. Attacker-supplied malformed image files may
allow arbitrary code execution as the running user.
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | iDefense Security Advisory 11.26.06: Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability, iDefense Labs |
|---|---|
| Next by Date: | TFTP Server 3CTftpSvc Buffer Overflow Vulnerability (Long transporting mode), liuqx |
| Previous by Thread: | iDefense Security Advisory 11.26.06: Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability, iDefense Labs |
| Next by Thread: | TFTP Server 3CTftpSvc Buffer Overflow Vulnerability (Long transporting mode), liuqx |
| Indexes: | [Date] [Thread] [Top] [All Lists] |