Test ID:	1.3.6.1.4.1.25623.1.0.59211
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-523-1 (imagemagick)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to imagemagick announced via advisory USN-523-1. A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. Details follow: Multiple vulnerabilities were found in the image decoders of ImageMagick. If a user or automated system were tricked into processing a malicious DCM, DIB, XBM, XCF, or XWD image, a remote attacker could execute arbitrary code with user privileges. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libmagick9 6:6.2.4.5-0.6ubuntu0.7 Ubuntu 6.10: libmagick9 7:6.2.4.5.dfsg1-0.10ubuntu0.4 Ubuntu 7.04: libmagick9 7:6.2.4.5.dfsg1-0.14ubuntu0.2 In general, a standard system upgrade is sufficient to affect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-523-1 Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4985 BugTraq ID: 25764 http://www.securityfocus.com/bid/25764 Bugtraq: 20071112 FLEA-2007-0066-1 ImageMagick (Google Search) http://www.securityfocus.com/archive/1/483572/100/0/threaded Debian Security Information: DSA-1858 (Google Search) http://www.debian.org/security/2009/dsa-1858 http://security.gentoo.org/glsa/glsa-200710-27.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596 http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035 http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10869 http://www.redhat.com/support/errata/RHSA-2008-0145.html http://www.redhat.com/support/errata/RHSA-2008-0165.html http://www.securitytracker.com/id?1018729 http://secunia.com/advisories/26926 http://secunia.com/advisories/27048 http://secunia.com/advisories/27309 http://secunia.com/advisories/27364 http://secunia.com/advisories/27439 http://secunia.com/advisories/28721 http://secunia.com/advisories/29786 http://secunia.com/advisories/29857 http://secunia.com/advisories/36260 SuSE Security Announcement: SUSE-SR:2007:023 (Google Search) http://www.novell.com/linux/security/advisories/2007_23_sr.html http://www.ubuntu.com/usn/usn-523-1 http://www.vupen.com/english/advisories/2007/3245 XForce ISS Database: imagemagick-readdcmimage-readxcfimage-dos(36740) https://exchange.xforce.ibmcloud.com/vulnerabilities/36740 Common Vulnerability Exposure (CVE) ID: CVE-2007-4986 BugTraq ID: 25763 http://www.securityfocus.com/bid/25763 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963 http://secunia.com/advisories/35316 XForce ISS Database: imagemagick-multiplefunctions-bo(36738) https://exchange.xforce.ibmcloud.com/vulnerabilities/36738 Common Vulnerability Exposure (CVE) ID: CVE-2007-4987 BugTraq ID: 25766 http://www.securityfocus.com/bid/25766 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=595 XForce ISS Database: imagemagick-readblogstring-bo(36739) https://exchange.xforce.ibmcloud.com/vulnerabilities/36739 Common Vulnerability Exposure (CVE) ID: CVE-2007-4988 BugTraq ID: 25765 http://www.securityfocus.com/bid/25765 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=597 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9656 XForce ISS Database: imagemagick-readdibimage-bo(36737) https://exchange.xforce.ibmcloud.com/vulnerabilities/36737
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.