Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2004:102: ImageMagick


Vulnerability Assessment Details

MDKSA-2004:102: ImageMagick

Vulnerability Assessment Summary
Check for the version of the ImageMagick package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory MDKSA-2004:102 (ImageMagick).


Several buffer overflow vulnerabilities in ImageMagick were discovered by Marcus
Meissner from SUSE. These vulnerabilities would permit a possible hacker to create a
malicious image or video file in AVI, BMP, or DIB formats which could crash the
reading process. It may be possible to create malicious images that could also
permit for the execution of arbitray code with the rights of the invoking
user or process.
The updated packages provided are patched to correct these problems.


Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:102
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

Mac Publisher Pro - 2000
$0.99
Mac Publisher Pro - 2000 pictureElvira game for Atari ST 1990 Accolade
$30.0
Elvira game for Atari ST 1990 Accolade pictureATARI 400 Home Computer ATARI 410 Program Recorder bundle
$95.0
ATARI 400 Home Computer ATARI 410 Program Recorder bundle  pictureAtari 1200XL Computer Indus GT Floppy Disk Drive w/Case & Cables + extras LOOK
$450.0
Atari 1200XL Computer  Indus GT Floppy Disk Drive w/Case & Cables + extras  LOOK picture


Discussions

No Discussions have been posted on this vulnerability.