View Full Version : USN-681-1: ImageMagick vulnerability

December 1st, 2008, 06:30 PM
Referenced CVEs:

================================================== =========Ubuntu Security Notice USN-681-1 December 01, 2008imagemagick vulnerabilityCVE-2008-1096============================================== =============A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 7.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: imagemagick 6: 7.10: imagemagick 7: a standard system upgrade you need to restart any applications thatuse ImageMagick, such as OpenOffice.org and Inkscape, to effect thenecessary changes.Details follow:It was discovered that ImageMagick did not correctly handle certainmalformed XCF images. If a user were tricked into opening a speciallycrafted image with an application that uses ImageMagick, an attackercould cause a denial of service and possibly execute arbitrary code withthe user's privileges.

More... (http://www.ubuntu.com/usn/USN-681-1)