Summary
The host is installed with ImageMagick and is prone to Buffer Overflow Vulnerability.
Impact
Attackers can exploit this issue by executing arbitrary code via a crafted TIFF files in the context of an affected application.
Impact Level: Application
Solution
Upgrade to ImageMagick version 6.5.2-9 or later.
http://www.imagemagick.org/script/download.php
Insight
The flaw occurs due to an integer overflow error within the 'XMakeImage()' function in magick/xwindow.c file while processing malformed TIFF files.
Affected
ImageMagick version prior to 6.5.2-9 on Windows.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-1882 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- BigAnt IM Server HTTP GET Request Buffer Overflow Vulnerability
- AIMP ID3 Tag Buffer Overflow Vulnerability
- ChaSen Buffer Overflow Vulnerability (Linux)
- Apple QuickTime Multiple Buffer Overflow Vulnerabilities (Windows)
- Attachmate Reflection FTP Client LIST Command Remote Heap Buffer Overflow Vulnerability