CVE-2004-0981
CVSS10.0
发布时间 :2005-02-09 00:00:00
修订时间 :2016-10-17 22:50:24
NMCOPS    

[原文]Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.


[CNNVD]ImageMagick远程EXIF解析缓冲区溢出漏洞(CNNVD-200502-025)

        ImageMagick 是一个图象处理软件。它可以编辑、显示包括JPEG、TIFF、PNM、PNG、GIF和Photo CD在内的绝大多数当今最流行的图象格式。
        ImageMagick 6.1.0之前的EXIF解析例程中的缓冲区溢出,可让远程攻击者通过某些图像文件执行任意代码。

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:imagemagick:imagemagick:5.4.8ImageMagick 5.4.8
cpe:/a:imagemagick:imagemagick:5.5.7ImageMagick 5.5.7
cpe:/o:debian:debian_linux:3.0::ia-32
cpe:/a:imagemagick:imagemagick:5.4.7ImageMagick 5.4.7
cpe:/a:imagemagick:imagemagick:5.5.6.0_2003-04-09ImageMagick 5.5.6.0 2003-04-09
cpe:/o:debian:debian_linux:3.0::ppc
cpe:/o:suse:suse_linux:9.0::x86_64
cpe:/o:debian:debian_linux:3.0::hppa
cpe:/a:imagemagick:imagemagick:5.4.3ImageMagick 5.4.3
cpe:/a:imagemagick:imagemagick:5.5.3.2.1.2.0ImageMagick 5.5.3.2.1.2.0
cpe:/o:debian:debian_linux:3.0::m68k
cpe:/o:debian:debian_linux:3.0::sparc
cpe:/a:imagemagick:imagemagick:6.0.7ImageMagick 6.0.7
cpe:/a:imagemagick:imagemagick:6.0.6ImageMagick 6.0.6
cpe:/a:imagemagick:imagemagick:6.0.8ImageMagick 6.0.8
cpe:/o:debian:debian_linux:3.0::s-390
cpe:/a:imagemagick:imagemagick:5.4.4.5ImageMagick 5.4.4.5
cpe:/o:gentoo:linuxGentoo Linux
cpe:/a:imagemagick:imagemagick:6.0.1ImageMagick 6.0.1
cpe:/o:debian:debian_linux:3.0::arm
cpe:/a:imagemagick:imagemagick:5.3.3ImageMagick 5.3.3
cpe:/o:debian:debian_linux:3.0::mipsel
cpe:/o:debian:debian_linux:3.0::ia-64
cpe:/o:debian:debian_linux:3.0::mips
cpe:/o:debian:debian_linux:3.0::alpha
cpe:/o:suse:suse_linux:8.1SuSE SuSE Linux 8.1
cpe:/o:suse:suse_linux:9.0SuSE SuSE Linux 9.0
cpe:/o:suse:suse_linux:8.0SuSE SuSE Linux 8.0
cpe:/a:imagemagick:imagemagick:6.0ImageMagick 6.0
cpe:/a:imagemagick:imagemagick:5.4.8.2.1.1.0
cpe:/a:imagemagick:imagemagick:6.0.3ImageMagick 6.0.3
cpe:/o:suse:suse_linux:9.2SuSE SuSE Linux 9.2
cpe:/a:imagemagick:imagemagick:6.0.5ImageMagick 6.0.5
cpe:/a:imagemagick:imagemagick:6.0.4ImageMagick 6.0.4
cpe:/o:suse:suse_linux:8.2SuSE SuSE Linux 8.2
cpe:/o:suse:suse_linux:9.1SuSE SuSE Linux 9.1

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10472Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain imag...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0981
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0981
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200502-025
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=109900325831136&w=2
(UNKNOWN)  UBUNTU  USN-7-1
http://security.gentoo.org/glsa/glsa-200411-11.xml
(UNKNOWN)  GENTOO  GLSA-200411-11
http://www.imagemagick.org/www/Changelog.html
(UNKNOWN)  CONFIRM  http://www.imagemagick.org/www/Changelog.html
http://www.securityfocus.org/bid/11548
(UNKNOWN)  BID  11548
http://xforce.iss.net/xforce/xfdb/17903
(VENDOR_ADVISORY)  XF  imagemagick-exif-image-bo(17903)

- 漏洞信息

ImageMagick远程EXIF解析缓冲区溢出漏洞
危急 缓冲区溢出
2005-02-09 00:00:00 2005-10-20 00:00:00
远程  
        ImageMagick 是一个图象处理软件。它可以编辑、显示包括JPEG、TIFF、PNM、PNG、GIF和Photo CD在内的绝大多数当今最流行的图象格式。
        ImageMagick 6.1.0之前的EXIF解析例程中的缓冲区溢出,可让远程攻击者通过某些图像文件执行任意代码。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        RedHat Fedora Core2
        Fedora ImageMagick-6.2.0.7-2.fc2.4.legacy.i386.rpm
        RedHat Fedora Core 2
        http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-6.2 .0.7-2.fc2.4.legacy.i386.rpm
        Fedora ImageMagick-c++-6.2.0.7-2.fc2.4.legacy.i386.rpm
        RedHat Fedora Core 2
        http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-c++ -6.2.0.7-2.fc2.4.legacy.i386.rpm
        Fedora ImageMagick-c++-devel-6.2.0.7-2.fc2.4.legacy.i386.rpm
        RedHat Fedora Core 2
        http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-c++ -devel-6.2.0.7-2.fc2.4.legacy.i386.rpm
        Fedora ImageMagick-devel-6.2.0.7-2.fc2.4.legacy.i386.rpm
        RedHat Fedora Core 2
        http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-dev el-6.2.0.7-2.fc2.4.legacy.i386.rpm
        Fedora ImageMagick-perl-6.2.0.7-2.fc2.4.legacy.i386.rpm
        RedHat Fedora Core 2
        http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-per l-6.2.0.7-2.fc2.4.legacy.i386.rpm
        RedHat Fedora Core1
        Fedora ImageMagick-5.5.6-13.legacy.i386.rpm
        RedHat Fedora Core 1
        http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-5.5 .6-13.legacy.i386.rpm
        Fedora ImageMagick-c++-5.5.6-13.legacy.i386.rpm
        RedHat Fedora Core 1
        http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-c++ -5.5.6-13.legacy.i386.rpm
        Fedora ImageMagick-c++-devel-5.5.6-13.legacy.i386.rpm
        RedHat Fedora Core 1
        http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-c++ -devel-5.5.6-13.legacy.i386.rpm
        Fedora ImageMagick-devel-5.5.6-13.legacy.i386.rpm
        RedHat Fedora Core 1
        http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-dev el-5.5.6-13.legacy.i386.rpm
        Fedora ImageMagick-perl-5.5.6-13.legacy.i386.rpm
        RedHat Fedora Core 1
        http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-per l-5.5.6-13.legacy.i386.rpm
        ImageMagick ImageMagick 5.3.3
        ImageMagick Imagemagick version 6.1.2
        http://sourceforge.net/project/showfiles.php?group_id=24099
        ImageMagick ImageMagick 5.4.3
        ImageMagick Imagemagick version 6.1.2
        http://sourceforge.net/project/showfiles.php?group_id=24099
        ImageMagick ImageMagick 5.4.4 .5
        Debian imagemagick_5.4.4.5-1woody4_alpha.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_alpha.deb
        Debian imagemagick_5.4.4.5-1woody4_arm.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_arm.deb
        Debian imagemagick_5.4.4.5-1woody4_hppa.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_hppa.deb
        Debian imagemagick_5.4.4.5-1woody4_i386.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_i386.deb
        Debian imagemagick_5.4.4.5-1woody4_ia64.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_ia64.deb
        Debian imagemagick_5.4.4.5-1woody4_m68k.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_m68k.deb
        Debian imagemagick_5.4.4.5-1woody4_mips.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_mips.deb
        Debian imagemagick_5.4.4.5-1woody4_mipsel.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_mipsel.deb
        Debian imagemagick_5.4.4.5-1woody4_powerpc.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_powerpc.deb
        Debian imagemagick_5.4.4.5-1woody4_s390.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_s390.deb
        Debian imagemagick_5.4.4.5-1woody4_sparc.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_sparc.deb
        Debian libmagick++5-dev_5.4.4.5-1woody4_alpha.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_alpha.deb
        Debian libmagick++5-dev_5.4.4.5-1woody4_arm.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_arm.deb
        Debian libmagick++5-dev_5.4.4.5-1woody4_hppa.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_hppa.deb
        Debian libmagick++5-dev_5.4.4.5-1woody4_i386.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_i386.deb
        Debian libmagick++5-dev_5.4.4.5-1woody4_ia64.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_ia64.deb
        Debian libmagick++5-dev_5.4.4.5-1woody4_m68k.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_m68k.deb
        Debian libmagick++5-dev_5.4.4.5-1woody4_mips.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_mips.deb
        Debian libmagick++5-dev_5.4.4.5-1woody4_mipsel.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_mipsel.deb
        Debian libmagick++5-dev_5.4.4.5-1woody4_powerpc.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_powerpc.deb
        Debian libmagick++5-dev_5.4.4.5-1woody4_s390.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_s390.deb
        Debian libmagick++5-dev_5.4.4.5-1woody4_sparc.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_sparc.deb
        Debian libmagick++5_5.4.4.5-1woody4_alpha.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_alpha.deb
        Debian libmagick++5_5.4.4.5-1woody4_arm.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_arm.deb
        Debian libmagick++5_5.4.4.5-1woody4_hppa.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_hppa.deb
        Debian libmagick++5_5.4.4.5-1woody4_i386.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_i386.deb
        Debian libmagick++5_5.4.4.5-1woody4_ia64.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_ia64.deb
        Debian libmagick++5_5.4.4.5-1woody4_m68k.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_m68k.deb
        Debian libmagick++5_5.4.4.5-1woody4_mips.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_mips.deb
        Debian libmagick++5_5.4.4.5-1woody4_mipsel.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_mipsel.deb
        Debian libmagick++5_5.4.4.5-1woody4_powerpc.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_powerpc.deb
        Debian libmagick++5_5.4.4.5-1woody4_s390.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_s390.deb
        Debian libmagick++5_5.4.4.5-1woody4_sparc.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_sparc.deb
        Debian libmagick5-dev_5.4.4.5-1woody4_alpha.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/

- 漏洞信息 (F35078)

dsa-593.txt (PacketStormID:F35078)
2004-11-20 00:00:00
 
advisory,arbitrary
linux,debian
CVE-2004-0981
[点击下载]

Debian Security Advisory 593-1 - A vulnerability has been reported for ImageMagick, a commonly used image manipulation library. Due to a boundary error within the EXIF parsing routine, a specially crafted graphic images could lead to the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 593-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
November 16th, 2004                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : imagemagick
Vulnerability  : buffer overflow
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0981
Debian Bug     : 278401

A vulnerability has been reported for ImageMagick, a commonly used
image manipulation library.  Due to a boundary error within the EXIF
parsing routine, a specially crafted graphic images could lead to the
execution of arbitrary code.

For the stable distribution (woody) this problem has been fixed in
version 5.4.4.5-1woody4.

For the unstable distribution (sid) this problem has been fixed in
version 6.0.6.2-1.5.

We recommend that you upgrade your imagemagick packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4.dsc
      Size/MD5 checksum:      852 c053f06bcb00f7cc722814ece4c99462
    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4.diff.gz
      Size/MD5 checksum:    15309 bb1ec78c190677ceb5311ffe167b8184
    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5.orig.tar.gz
      Size/MD5 checksum:  3901237 f35e356b4ac1ebc58e3cffa7ea7abc07

  Alpha architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4_alpha.deb
      Size/MD5 checksum:  1309792 f3e20f97b3a081cd3e73675c2131a345
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody4_alpha.deb
      Size/MD5 checksum:   154144 4b8abf5400526b55d41b6a23a747740d
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody4_alpha.deb
      Size/MD5 checksum:    56232 d6be366bdb42ff918de236b42e5fc03e
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody4_alpha.deb
      Size/MD5 checksum:   833420 811a90a17be12877a5352474b4ff50b0
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody4_alpha.deb
      Size/MD5 checksum:    67276 ea7ecc0c685293d0bfe90d7d5eec5eae
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody4_alpha.deb
      Size/MD5 checksum:   113786 896b92eda8b1572090c28f7781617bcb

  ARM architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4_arm.deb
      Size/MD5 checksum:  1297076 1480d317943ebd0d62af4e91cb70e8bc
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody4_arm.deb
      Size/MD5 checksum:   118678 9bd22b4793a02f7d55178093950f2af1
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody4_arm.deb
      Size/MD5 checksum:    56272 dced3c2b19dadc4a9269ca8694a9fb17
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody4_arm.deb
      Size/MD5 checksum:   898586 0603ac9d5290dad892eb26cc9d3f5f9c
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody4_arm.deb
      Size/MD5 checksum:    67312 332b1462e38cab79c3baf075124f0a52
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody4_arm.deb
      Size/MD5 checksum:   109900 d5c8d8247af36dbf8e6d38343b451c0b

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4_i386.deb
      Size/MD5 checksum:  1295130 5c546d50eb6a1c1597c491849a74ba00
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody4_i386.deb
      Size/MD5 checksum:   122766 a778e5be49e9a22fea94f6a6d83f7035
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody4_i386.deb
      Size/MD5 checksum:    56254 2758908cfe92661e70e3def07595126a
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody4_i386.deb
      Size/MD5 checksum:   772498 17eb974bb841ad4332e1ebbc800f7ce2
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody4_i386.deb
      Size/MD5 checksum:    67296 f1c482c8e6a2e0dda18d9fd69120f8f2
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody4_i386.deb
      Size/MD5 checksum:   106912 3a35af388be49b0978665202a1ec7e66

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4_ia64.deb
      Size/MD5 checksum:  1336172 10c0e32424a9dca3d3cd66779921022f
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody4_ia64.deb
      Size/MD5 checksum:   137042 d499c76fb08bfb8c63bf89384f297bf7
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody4_ia64.deb
      Size/MD5 checksum:    56222 c0e9c7c41e6cb6f0097f979373b6a895
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody4_ia64.deb
      Size/MD5 checksum:  1359968 58957910d3e927d2f0c41db825db19d5
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody4_ia64.deb
      Size/MD5 checksum:    67260 1ab111e57700c86384f02b98e7be823e
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody4_ia64.deb
      Size/MD5 checksum:   132904 55f936250c3cf6859dc38cfce35df9a6

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4_hppa.deb
      Size/MD5 checksum:  1297346 930d77ec6653cd705af67d47f1090d32
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody4_hppa.deb
      Size/MD5 checksum:   132850 d5988feb87c126dcab6df72e6e590545
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody4_hppa.deb
      Size/MD5 checksum:    56270 3395e0bbce4bc6092fc81a1fe1193bc2
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody4_hppa.deb
      Size/MD5 checksum:   859724 56b6e89439f151f21001e345340248a4
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody4_hppa.deb
      Size/MD5 checksum:    67328 c88fc994c5ed2c6fed15685fdd78758f
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody4_hppa.deb
      Size/MD5 checksum:   117164 30cd8726f73026a2e20c8efe04c528a9

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4_m68k.deb
      Size/MD5 checksum:  1292548 8d360c360fbb9c477cd0ae1aca69448e
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody4_m68k.deb
      Size/MD5 checksum:   134004 5d597e8f01686d39f1a852b248487b59
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody4_m68k.deb
      Size/MD5 checksum:    56300 3160b3dae3facf978d1176957b95af68
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody4_m68k.deb
      Size/MD5 checksum:   751758 83cc438c729286babb7ac84346f07654
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody4_m68k.deb
      Size/MD5 checksum:    67332 d13d7618bbce5050e8d05bfaa5ab6498
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody4_m68k.deb
      Size/MD5 checksum:   107408 6e3b040f07982b2fd3f1d0f83ec02f8d

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4_mips.deb
      Size/MD5 checksum:  1294866 2e4bd7d79951377b4da399738fe88a77
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody4_mips.deb
      Size/MD5 checksum:   120252 7c69c8cbae8f03add859573edfe3e241
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody4_mips.deb
      Size/MD5 checksum:    56276 3a8ff5352159ddfb8b2d32641acdd625
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody4_mips.deb
      Size/MD5 checksum:   733000 30b1e4b7c930878890553ef6a441ca09
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody4_mips.deb
      Size/MD5 checksum:    67326 6bc5cdbfe033642b3a27baeafb31f300
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody4_mips.deb
      Size/MD5 checksum:   103322 7075ae9b234bc564631b67661736e543

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4_mipsel.deb
      Size/MD5 checksum:  1294860 33b3593e696a9aff9dac216778fea431
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody4_mipsel.deb
      Size/MD5 checksum:   113820 a81bf3b33cd7abddb1335ab61be0c4dc
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody4_mipsel.deb
      Size/MD5 checksum:    56302 e1f179a6be8c7781eba49e0c25d1013e
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody4_mipsel.deb
      Size/MD5 checksum:   721030 2dd79a60f0e8a46dee376cbe79b78b8d
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody4_mipsel.deb
      Size/MD5 checksum:    67322 a8e370ec24fcb00d8b585837034502e5
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody4_mipsel.deb
      Size/MD5 checksum:   102868 ac84fdb646eace65d69208bb522a3976

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4_powerpc.deb
      Size/MD5 checksum:  1291426 205981d0b3cd47699602d1ecb8636fb4
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody4_powerpc.deb
      Size/MD5 checksum:   135900 4908551a03f72d05f4d34f2bf767fcdd
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody4_powerpc.deb
      Size/MD5 checksum:    56268 8c3150906852c56a2cce8ebb20292e84
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody4_powerpc.deb
      Size/MD5 checksum:   786006 39b95827036f22e43245489944294bb8
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody4_powerpc.deb
      Size/MD5 checksum:    67304 9eb67cfc99e2632453c9335d7688ca6f
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody4_powerpc.deb
      Size/MD5 checksum:   111908 369ae1547d021b06c865e107db68c1bc

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4_s390.deb
      Size/MD5 checksum:  1292148 b018542967462dfb08559ee8ca413af0
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody4_s390.deb
      Size/MD5 checksum:   132004 366eca80ee3ae6e97e75c346298dfa4e
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody4_s390.deb
      Size/MD5 checksum:    56256 b50d9cda59825fb64ce17d42e6862c21
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody4_s390.deb
      Size/MD5 checksum:   777968 b51017dcfc2106b458af6fd3f0f1e5c0
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody4_s390.deb
      Size/MD5 checksum:    67304 5884f688ddd0dd60eb44cf609c79b0c2
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody4_s390.deb
      Size/MD5 checksum:   108956 0a1a43eb74ac289387783e32c85fb15b

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody4_sparc.deb
      Size/MD5 checksum:  1295192 ecc31b2bf9f87175011f42517406449b
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody4_sparc.deb
      Size/MD5 checksum:   123844 506d5252bd0b53224f358eef3cfc0808
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody4_sparc.deb
      Size/MD5 checksum:    56262 1c5766ed3e5e2a2ed57bf2394481e23d
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody4_sparc.deb
      Size/MD5 checksum:   802610 ed2a8842b6612e96682f13e28fa74f96
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody4_sparc.deb
      Size/MD5 checksum:    67312 a640d03d461769bb0c23f1a77003ef1d
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody4_sparc.deb
      Size/MD5 checksum:   112880 93033756bee95ec9523d427e6813782d


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBmcmfW5ql+IAeqTIRAul8AJ0e5dY/HcW4eILJWkl29l/50y7enACfZuOx
/kB5O6El6qbIzyYEndt9XSM=
=KoeR
-----END PGP SIGNATURE-----

    

- 漏洞信息

11166
ImageMagick / GraphicsMagick EXIF Parser Overflow
Remote / Network Access Input Manipulation
Loss of Integrity Patch / RCS, Upgrade
Exploit Unknown Vendor Verified

- 漏洞描述

A remote overflow exists in ImageMagick. The product fails to perform correct boundary checking in the EXIF parsing routine resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

- 时间线

2004-10-26 Unknow
Unknow Unknow

- 解决方案

Upgrade ImageMagick to version 6.1.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. A patch has been released for GraphicsMagick, check the sourceforge advisory in the references section.

- 相关参考

- 漏洞作者

- 漏洞信息

ImageMagick Remote EXIF Parsing Buffer Overflow Vulnerability
Boundary Condition Error 11548
Yes No
2004-10-06 12:00:00 2013-03-05 05:04:00
The individual responsible for the discovery of this issue is currently unknown; the vendor disclosed this issue.

- 受影响的程序版本

Xerox FreeFlow Print Server (FFPS) 73.C0.41
Xerox FreeFlow Print Server (FFPS) 73.B3.61
SuSE Linux 9.2
SuSE Linux 9.1
SuSE Linux 9
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux 8.1
S.u.S.E. Linux 8.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
Red Hat Fedora Core3
Red Hat Fedora Core2
Red Hat Fedora Core1
ImageMagick ImageMagick 6.0.8
ImageMagick ImageMagick 6.0.7
+ Red Hat Enterprise Linux AS 4
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux Desktop version 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2
ImageMagick ImageMagick 6.0.6
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
ImageMagick ImageMagick 6.0.5
+ Turbolinux Home
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 10.0
ImageMagick ImageMagick 6.0.4
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
ImageMagick ImageMagick 6.0.3
ImageMagick ImageMagick 6.0.1
ImageMagick ImageMagick 6.0
ImageMagick ImageMagick 5.5.7
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
ImageMagick ImageMagick 5.5.6 .0-20030409
+ OpenPKG OpenPKG Current
ImageMagick ImageMagick 5.5.3 .2-1.2.0
+ OpenPKG OpenPKG 1.2
ImageMagick ImageMagick 5.4.8 .2-1.1.0
+ OpenPKG OpenPKG 1.1
ImageMagick ImageMagick 5.4.8
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
ImageMagick ImageMagick 5.4.7
+ Turbolinux Turbolinux Server 8.0
ImageMagick ImageMagick 5.4.4 .5
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
ImageMagick ImageMagick 5.4.3
+ Turbolinux Turbolinux Workstation 8.0
ImageMagick ImageMagick 5.3.3
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 7.0
Gentoo Linux
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha

- 漏洞讨论

A remote buffer overflow vulnerability reportedly affects the EXIF parsing functionality of ImageMagick. This issue is due to a failure of the application to carry out sufficient bounds checking prior to copying strings into process buffers.

An attacker may exploit this issue to execute arbitrary code on an affected computer with the privileges of the user that activated the vulnerable application, facilitating unauthorized access or privilege escalation.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

The vendor has released an upgrade dealing with this issue.

Red Hat has released an advisory (FEDORA-2005-221) and fixes to address this issue in Fedora Core 3. Please see the referenced advisory for further details regarding obtaining and applying an appropriate fix.

SuSE has released a security summary report (SUSE-SR:2004:001) to address this and other issues. The report indicates that a fix for this issue is available on the SuSE FTP server and also through the YaST Online Update utility. Customers are advised to peruse the referenced advisory for further details regarding obtaining and applying appropriate fixes.

SuSE has released advisory SUSE-SA:2004:041 mainly to address the vulnerabilities described in BID 11694. However, in the addendum of this advisory, it is reported that fixes for the issue described in this BID are now available on the SuSE update FTP server for download. Customers are advised to see the referenced advisory for further information regarding obtaining and applying appropriate updates.

Debian has released an advisory DSA 593-1 and updates to address this vulnerability. Please see the referenced advisory for further information.

Gentoo Linux has released advisory GLSA 200411-11:01 to address this issue in ImageMagick. Users of the affected package are urged to execute the following commands with superuser privileges to install the updates:

emerge --sync
emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.1.3.2"

MandrakeSoft has issued an advisory (MDKSA-2004:143) along with patched upgrades. Please see the referenced advisory for more information.

Red Hat has released a Red Hat Enterprise Linux advisory (RHSA-2004:636-03) that includes an updated version of ImageMagick to address this issue. Please see the referenced advisory for more information.

TurboLinux has issued an advisory and fixes for TurboLinux Server and Desktop 10. See advisory TLSA-2005-7 in the reference section.

Ubuntu has released advisory USN-90-1 to address this issue. Please see the referenced advisory for more information.

Gentoo linux has released an advisory (GLSA 200503-11) dealing with this issue. Gentoo advises that all ImageMagick users should upgrade to the latest version by issuing the following commands with superuser privileges:

emerge --sync
emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.2.0.4"

For more information please see the referenced Gentoo linux advisory.

Red Hat has released advisory RHSA-2005:320-10 and fixes to address this issue on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.

SuSE Linux has released an advisory (SUSE-SA:2005:017) dealing with this and other issues. Please see the referenced advisory for more information.

RedHat has released advisories FEDORA-2005-234 and FEDORA-2005-235 dealing with this issue in their Core 2 and Core 3 packages respectively. Please see the referenced advisory for more information.

RedHat Fedora Legacy has released security advisory FLSA:152777 addressing this issue for RedHat Linux 7.3 and 9.0, and for Fedora Core 1 and 2. Please see the referenced advisory for further information.


Red Hat Fedora Core2

Red Hat Fedora Core1

ImageMagick ImageMagick 5.3.3

ImageMagick ImageMagick 5.4.3

ImageMagick ImageMagick 5.4.4 .5

ImageMagick ImageMagick 5.4.7

ImageMagick ImageMagick 5.4.8 .2-1.1.0

ImageMagick ImageMagick 5.4.8

ImageMagick ImageMagick 5.5.3 .2-1.2.0

ImageMagick ImageMagick 5.5.6 .0-20030409

ImageMagick ImageMagick 5.5.7

ImageMagick ImageMagick 6.0

ImageMagick ImageMagick 6.0.1

ImageMagick ImageMagick 6.0.3

ImageMagick ImageMagick 6.0.4

ImageMagick ImageMagick 6.0.5

ImageMagick ImageMagick 6.0.6

ImageMagick ImageMagick 6.0.7

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站