Ubuntu Local Security Checks : Ubuntu USN-340-1 (imagemagick)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.57341
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-340-1 (imagemagick)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to imagemagick announced via advisory USN-340-1. A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. Tavis Ormandy discovered several buffer overflows in imagemagick's Sun Raster and XCF (Gimp) image decoders. By tricking a user or automated system into processing a specially crafted image, this could be exploited to execute arbitrary code with the users' privileges. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: libmagick6 6:6.0.6.2-2.1ubuntu1.4 Ubuntu 5.10: libmagick6 6:6.2.3.4-1ubuntu1.3 Ubuntu 6.06 LTS: libmagick9 6:6.2.4.5-0.6ubuntu0.2 In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-340-1 Risk factor : High CVSS Score: 5.1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3743 1016749 http://securitytracker.com/id?1016749 19697 http://www.securityfocus.com/bid/19697 20060901-01-P ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc 21615 http://secunia.com/advisories/21615 21621 http://secunia.com/advisories/21621 21671 http://secunia.com/advisories/21671 21679 http://secunia.com/advisories/21679 21719 http://secunia.com/advisories/21719 21780 http://secunia.com/advisories/21780 21832 http://secunia.com/advisories/21832 22036 http://secunia.com/advisories/22036 22096 http://secunia.com/advisories/22096 28205 http://www.osvdb.org/28205 ADV-2006-3375 http://www.vupen.com/english/advisories/2006/3375 DSA-1168 http://www.debian.org/security/2006/dsa-1168 GLSA-200609-14 http://security.gentoo.org/glsa/glsa-200609-14.xml MDKSA-2006:155 http://www.mandriva.com/security/advisories?name=MDKSA-2006:155 RHSA-2006:0633 http://www.redhat.com/support/errata/RHSA-2006-0633.html SUSE-SA:2006:050 http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html USN-340-1 http://www.ubuntu.com/usn/usn-340-1 http://bugs.gentoo.org/show_bug.cgi?id=144854 https://issues.rpath.com/browse/RPL-605 imagemagick-propuserunit-bo(28575) https://exchange.xforce.ibmcloud.com/vulnerabilities/28575 oval:org.mitre.oval:def:9895 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9895 Common Vulnerability Exposure (CVE) ID: CVE-2006-3744 19699 http://www.securityfocus.com/bid/19699 28204 http://www.osvdb.org/28204 imagemagick-rasterfile-bo(28574) https://exchange.xforce.ibmcloud.com/vulnerabilities/28574 oval:org.mitre.oval:def:11486 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11486
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com