ImageMagick远程EXIF解析缓冲区溢出漏洞

admin
admin
admin
0
文章
0
评论
2022-07-18 18:16:02 CNNVD漏洞 来源:ZONE.CI 全球网 0 阅读模式

漏洞信息详情

ImageMagick远程EXIF解析缓冲区溢出漏洞

  • CNNVD编号:CNNVD-200502-025
  • 危害等级: 超危
  • CVE编号: CVE-2004-0981
  • 漏洞类型: 缓冲区溢出
  • 发布时间: 2005-02-09
  • 威胁类型: 远程
  • 更新时间: 2005-10-20
  • 厂        商: debian
  • 漏洞来源: The individual res...

漏洞简介

ImageMagick 是一个图象处理软件。它可以编辑、显示包括JPEG、TIFF、PNM、PNG、GIF和Photo CD在内的绝大多数当今最流行的图象格式。 ImageMagick 6.1.0之前的EXIF解析例程中的缓冲区溢出,可让远程攻击者通过某些图像文件执行任意代码。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接: RedHat Fedora Core2 Fedora ImageMagick-6.2.0.7-2.fc2.4.legacy.i386.rpm RedHat Fedora Core 2 http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-6.2 .0.7-2.fc2.4.legacy.i386.rpm Fedora ImageMagick-c++-6.2.0.7-2.fc2.4.legacy.i386.rpm RedHat Fedora Core 2 http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-c++ -6.2.0.7-2.fc2.4.legacy.i386.rpm Fedora ImageMagick-c++-devel-6.2.0.7-2.fc2.4.legacy.i386.rpm RedHat Fedora Core 2 http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-c++ -devel-6.2.0.7-2.fc2.4.legacy.i386.rpm Fedora ImageMagick-devel-6.2.0.7-2.fc2.4.legacy.i386.rpm RedHat Fedora Core 2 http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-dev el-6.2.0.7-2.fc2.4.legacy.i386.rpm Fedora ImageMagick-perl-6.2.0.7-2.fc2.4.legacy.i386.rpm RedHat Fedora Core 2 http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-per l-6.2.0.7-2.fc2.4.legacy.i386.rpm RedHat Fedora Core1 Fedora ImageMagick-5.5.6-13.legacy.i386.rpm RedHat Fedora Core 1 http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-5.5 .6-13.legacy.i386.rpm Fedora ImageMagick-c++-5.5.6-13.legacy.i386.rpm RedHat Fedora Core 1 http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-c++ -5.5.6-13.legacy.i386.rpm Fedora ImageMagick-c++-devel-5.5.6-13.legacy.i386.rpm RedHat Fedora Core 1 http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-c++ -devel-5.5.6-13.legacy.i386.rpm Fedora ImageMagick-devel-5.5.6-13.legacy.i386.rpm RedHat Fedora Core 1 http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-dev el-5.5.6-13.legacy.i386.rpm Fedora ImageMagick-perl-5.5.6-13.legacy.i386.rpm RedHat Fedora Core 1 http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-per l-5.5.6-13.legacy.i386.rpm ImageMagick ImageMagick 5.3.3 ImageMagick Imagemagick version 6.1.2 http://sourceforge.net/project/showfiles.php?group_id=24099 ImageMagick ImageMagick 5.4.3 ImageMagick Imagemagick version 6.1.2 http://sourceforge.net/project/showfiles.php?group_id=24099 ImageMagick ImageMagick 5.4.4 .5 Debian imagemagick_5.4.4.5-1woody4_alpha.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_alpha.deb Debian imagemagick_5.4.4.5-1woody4_arm.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_arm.deb Debian imagemagick_5.4.4.5-1woody4_hppa.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_hppa.deb Debian imagemagick_5.4.4.5-1woody4_i386.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_i386.deb Debian imagemagick_5.4.4.5-1woody4_ia64.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_ia64.deb Debian imagemagick_5.4.4.5-1woody4_m68k.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_m68k.deb Debian imagemagick_5.4.4.5-1woody4_mips.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_mips.deb Debian imagemagick_5.4.4.5-1woody4_mipsel.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_mipsel.deb Debian imagemagick_5.4.4.5-1woody4_powerpc.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_powerpc.deb Debian imagemagick_5.4.4.5-1woody4_s390.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_s390.deb Debian imagemagick_5.4.4.5-1woody4_sparc.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick _5.4.4.5-1woody4_sparc.deb Debian libmagick++5-dev_5.4.4.5-1woody4_alpha.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_alpha.deb Debian libmagick++5-dev_5.4.4.5-1woody4_arm.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_arm.deb Debian libmagick++5-dev_5.4.4.5-1woody4_hppa.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_hppa.deb Debian libmagick++5-dev_5.4.4.5-1woody4_i386.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_i386.deb Debian libmagick++5-dev_5.4.4.5-1woody4_ia64.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_ia64.deb Debian libmagick++5-dev_5.4.4.5-1woody4_m68k.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_m68k.deb Debian libmagick++5-dev_5.4.4.5-1woody4_mips.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_mips.deb Debian libmagick++5-dev_5.4.4.5-1woody4_mipsel.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_mipsel.deb Debian libmagick++5-dev_5.4.4.5-1woody4_powerpc.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_powerpc.deb Debian libmagick++5-dev_5.4.4.5-1woody4_s390.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_s390.deb Debian libmagick++5-dev_5.4.4.5-1woody4_sparc.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5-dev_5.4.4.5-1woody4_sparc.deb Debian libmagick++5_5.4.4.5-1woody4_alpha.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_alpha.deb Debian libmagick++5_5.4.4.5-1woody4_arm.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_arm.deb Debian libmagick++5_5.4.4.5-1woody4_hppa.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_hppa.deb Debian libmagick++5_5.4.4.5-1woody4_i386.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_i386.deb Debian libmagick++5_5.4.4.5-1woody4_ia64.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_ia64.deb Debian libmagick++5_5.4.4.5-1woody4_m68k.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_m68k.deb Debian libmagick++5_5.4.4.5-1woody4_mips.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_mips.deb Debian libmagick++5_5.4.4.5-1woody4_mipsel.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_mipsel.deb Debian libmagick++5_5.4.4.5-1woody4_powerpc.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_powerpc.deb Debian libmagick++5_5.4.4.5-1woody4_s390.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_s390.deb Debian libmagick++5_5.4.4.5-1woody4_sparc.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++ 5_5.4.4.5-1woody4_sparc.deb Debian libmagick5-dev_5.4.4.5-1woody4_alpha.deb Debian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/

参考网址

来源: XF 名称: imagemagick-exif-image-bo(17903) 链接:http://xforce.iss.net/xforce/xfdb/17903 来源: BID 名称: 11548 链接:http://www.securityfocus.org/bid/11548 来源: www.imagemagick.org 链接:http://www.imagemagick.org/www/Changelog.HTML 来源: GENTOO 名称: GLSA-200411-11 链接:http://security.gentoo.org/glsa/glsa-200411-11.xml 来源: SECUNIA 名称: 12995 链接:http://secunia.com/advisories/12995/ 来源: UBUNTU 名称: USN-7-1 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=109900325831136&w=2

受影响实体

  • Debian Debian_linux:3.0:Sparc  

补丁

    暂无

weinxin
特别声明
本站(ZONE.CI)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
咨询加Q:999999999
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
ZONE.CI 全球网 安全领域涉猎者-乌云独行地带
获取本源码
售前咨询加Q:120433200
站媒体网仿《知更鸟》模板
获取本源码 zmt6.com
评论:0   参与:  0