[Pkg-gmagick-im-team] Bug#559775: imagemagick: CVE-2008-3134 denial-of-service
Michael Gilbert
michael.s.gilbert at gmail.com
Mon Dec 7 01:04:55 UTC 2009
Package: imagemagick
Version: 7:6.2.4.5.dfsg1-0.14
Severity: normal
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for imagemagick.
CVE-2008-3134[0]:
| Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4
| allow remote attackers to cause a denial of service (crash, infinite
| loop, or memory consumption) via (a) unspecified vectors in the (1)
| AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA,
| and (9) TGA decoder readers; and (b) the GetImageCharacteristics
| function in magick/image.c, as reachable from a crafted (10) PNG, (11)
| JPEG, (12) BMP, or (13) TIFF file.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134
http://security-tracker.debian.org/tracker/CVE-2008-3134
More information about the Pkg-gmagick-im-team
mailing list