ImageMagick Buffer Overflow Vulnerability (Win) Network Vulnerability

Summary

The host is installed with ImageMagick and is prone to Buffer Overflow Vulnerability.

Impact

Attackers can exploit this issue by executing arbitrary code via a crafted TIFF files in the context of an affected application. Impact Level: Application

Solution

Upgrade to ImageMagick version 6.5.2-9 or later. http://www.imagemagick.org/script/download.php

Insight

The flaw occurs due to an integer overflow error within the 'XMakeImage()' function in magick/xwindow.c file while processing malformed TIFF files.

Affected

ImageMagick version prior to 6.5.2-9 on Windows.

References

http://secunia.com/advisories/35216/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1882

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Windows)
Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
Cscope Multiple Buffer Overflow vulnerability
Cogent DataHub Unicode Buffer Overflow Vulnerability
CursorArts ZipWrangler 'ZIP Processing' Buffer Overflow Vulnerability

Take action and discover your vulnerabilities