English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 148472 CVE descriptions
and 72306 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2004-30
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date : 05 Oct 2004
 Last revised           : 05 Oct 2004

 Package : ImageMagick

 Summary : Multiple buffer overflow vulnerabilities in ImageMagick

 More information :
    ImageMagick(TM) is an image display and manipulation tool for the X
    Window System.  ImageMagick can read and write JPEG, TIFF, PNM, GIF and
    Photo CD image file formats.

    Multiple buffer overflow vulnerabilities in ImageMagick allowing remote
    attackers to execute arbitrary code via a malformed image or video file.

 Impact :
    These vulnerabilities may allow remote attackers to execute arbitrary
    code via a malformed image or video file in AVI or BMP formats.

 Affected Products :
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation

 Solution :
    Please use the turbopkg (zabom) tool to apply the update. 
 ---------------------------------------------
 [Turbolinux 10 Desktop, Turbolinux 10 F...]
 # zabom -u ImageMagick ImageMagick-devel

 [other]
 # turbopkg
 or
 # zabom update ImageMagick ImageMagick-devel
 ---------------------------------------------


 <Turbolinux 10 Desktop, Turbolinux 10 F...>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/ImageMagick-5.5.7-5.src.rpm
      5274681 6a9d3c1b208049830e7086b9aae75fe7

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/ImageMagick-5.5.7-5.i586.rpm
      2397224 dea16cf3ee2ce38381e3d2679ad8fa3c
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/ImageMagick-devel-5.5.7-5.i586.rpm
       555804 840cc5d2ec79afd5cfdbf4223f625195

 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/ImageMagick-5.4.7-1.src.rpm
      3614849 bb43185f084dd6e32f10694f35fb513d

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/ImageMagick-5.4.7-2.i586.rpm
      3207676 6839799de74d7439334a875a097b6049
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/ImageMagick-c++-5.4.7-2.i586.rpm
      1392173 d0af80e68a129fd41d301b7ec3469ff5
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/ImageMagick-devel-5.4.7-2.i586.rpm
       855821 be80bb2b23c8b87ab831bb99201b85c8
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/ImageMagick-perl-5.4.7-2.i586.rpm
        60163 1281a234915115227a2bb2fa5071d6c7

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/ImageMagick-5.4.3-3.src.rpm
      3665019 ae1a64cf87ea0e6598ca147abd3349e4

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/ImageMagick-5.4.3-3.i586.rpm
      3668565 d065de9b0d5a58b6393cc4805e0eb405
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/ImageMagick-devel-5.4.3-3.i586.rpm
       971835 df0dda9a20ad43b2a8b3ee7a5313f6a8

 <Turbolinux 7 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/ImageMagick-5.3.3-3.src.rpm
      3656626 6197f1b2ff6d1a831d532a3fce210f94

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/ImageMagick-5.3.3-3.i586.rpm
      3038600 0276001bdf52d75ab65dcac7ff4ebb49
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/ImageMagick-devel-5.3.3-3.i586.rpm
      1267440 9e21404db4bf10a005a89f974fd8558e

 <Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/ImageMagick-5.3.3-3.src.rpm
      3656626 084f8247af6313928f5dcdae20ed9713

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/ImageMagick-5.3.3-3.i586.rpm
      3039080 e3ca8b73f9a5f6cbaf8a136d121fdebf
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/ImageMagick-devel-5.3.3-3.i586.rpm
      1267050 a3e0ef2ac5bd589f453f5ab529981fab


 References:

 CVE
   [CAN-2004-0827]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0827


 --------------------------------------------------------------------------
 Revision History
    05 Oct 2004 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2004 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFBYpoSK0LzjOqIJMwRArWJAJ90mczJz7sfH0/BCdZ2sMP1sX/R9gCgpOdZ
474cUrIPXmCCxG55hy3eaEU=
=4gvR
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.