Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.58030
Kategorie:Turbolinux Local Security Tests
Titel:Turbolinux TLSA-2007-5 (ImageMagick)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to ImageMagick
announced via advisory TLSA-2007-5.

ImageMagick(TM) is an image display and manipulation tool for the X Window System.
ImageMagick can read and write JPEG, TIFF, PNM, GIF and Photo CD image file formats.

Multiple buffer overflows in ImageMagick,user-assisted attackers to execute arbitrary
code via crafted XCF images.
Multiple integer overflows in ImageMagick, user-assisted attackers to execute arbitrary
code via crafted Sun Rasterfile (bitmap) images.
Integer overflow in the ReadSGIImage function.
Multiple buffer overflows in Imagemagick has unknown impact and user-assisted attack
vectors via a crafted SGI image.

These vulnerabilities may allow remote attackers to execute arbitrary code via a
malformed image or video file in AVI or BMP formats.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2007-5

Risk factor : Critical

CVSS Score:
9.3

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2006-3743
BugTraq ID: 19697
http://www.securityfocus.com/bid/19697
Debian Security Information: DSA-1168 (Google Search)
http://www.debian.org/security/2006/dsa-1168
http://security.gentoo.org/glsa/glsa-200609-14.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:155
http://bugs.gentoo.org/show_bug.cgi?id=144854
http://www.osvdb.org/28205
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9895
http://www.redhat.com/support/errata/RHSA-2006-0633.html
http://securitytracker.com/id?1016749
http://secunia.com/advisories/21615
http://secunia.com/advisories/21621
http://secunia.com/advisories/21671
http://secunia.com/advisories/21679
http://secunia.com/advisories/21719
http://secunia.com/advisories/21780
http://secunia.com/advisories/21832
http://secunia.com/advisories/22036
http://secunia.com/advisories/22096
SGI Security Advisory: 20060901-01-P
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
SuSE Security Announcement: SUSE-SA:2006:050 (Google Search)
http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html
http://www.ubuntu.com/usn/usn-340-1
http://www.vupen.com/english/advisories/2006/3375
XForce ISS Database: imagemagick-propuserunit-bo(28575)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28575
Common Vulnerability Exposure (CVE) ID: CVE-2006-4144
BugTraq ID: 19507
http://www.securityfocus.com/bid/19507
Bugtraq: 20060814 [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow (Google Search)
http://www.securityfocus.com/archive/1/443208/100/0/threaded
Bugtraq: 20060816 Re: [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow (Google Search)
http://www.securityfocus.com/archive/1/443362/100/0/threaded
Debian Security Information: DSA-1213 (Google Search)
http://www.debian.org/security/2006/dsa-1213
http://www.overflow.pl/adv/imsgiheap.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11129
http://securitytracker.com/id?1016699
http://secunia.com/advisories/21462
http://secunia.com/advisories/21525
http://secunia.com/advisories/22998
http://securityreason.com/securityalert/1385
http://www.ubuntu.com/usn/usn-337-1
XForce ISS Database: imagemagick-readsgiimage-bo(28372)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28372
Common Vulnerability Exposure (CVE) ID: CVE-2006-5456
BugTraq ID: 20707
http://www.securityfocus.com/bid/20707
Bugtraq: 20061127 rPSA-2006-0218-1 ImageMagick (Google Search)
http://www.securityfocus.com/archive/1/452718/100/100/threaded
Bugtraq: 20070208 rPSA-2007-0029-1 ImageMagick (Google Search)
http://www.securityfocus.com/archive/1/459507/100/0/threaded
http://security.gentoo.org/glsa/glsa-200611-07.xml
http://security.gentoo.org/glsa/glsa-200611-19.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:193
http://www.mandriva.com/security/advisories?name=MDKSA-2007:041
http://www.osvdb.org/29990
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765
http://www.redhat.com/support/errata/RHSA-2007-0015.html
http://secunia.com/advisories/22569
http://secunia.com/advisories/22572
http://secunia.com/advisories/22601
http://secunia.com/advisories/22604
http://secunia.com/advisories/22819
http://secunia.com/advisories/22834
http://secunia.com/advisories/23090
http://secunia.com/advisories/23121
http://secunia.com/advisories/24186
http://secunia.com/advisories/24196
http://secunia.com/advisories/24284
http://secunia.com/advisories/24458
SGI Security Advisory: 20070201-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092
SuSE Security Announcement: SUSE-SA:2006:066 (Google Search)
http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html
SuSE Security Announcement: SUSE-SR:2007:003 (Google Search)
http://www.novell.com/linux/security/advisories/2007_3_sr.html
http://www.ubuntu.com/usn/usn-372-1
http://www.ubuntu.com/usn/usn-422-1
http://www.vupen.com/english/advisories/2006/4170
http://www.vupen.com/english/advisories/2006/4171
XForce ISS Database: imagemagick-graphicsmagick-palm-bo(29816)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29816
Common Vulnerability Exposure (CVE) ID: CVE-2006-5868
BugTraq ID: 21185
http://www.securityfocus.com/bid/21185
http://www.mandriva.com/security/advisories?name=MDKSA-2006:223
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10612
http://secunia.com/advisories/23101
http://secunia.com/advisories/23219
http://www.ubuntu.com/usn/usn-386-1
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.