In association with heise online

25 August 2006, 12:20

ImageMagick stumbles over SUN and GIMP images

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

ImageMagick, a collection of tools for image editing, has a flaw in its routine for processing images in the GIMP format xcf as well as in the graphics format from Sun. Attackers can use specially manipulated images to cause the software to crash, or even plant arbitrary malware.

ImageMagick is often used for server-side scripts for image editing, such as for depicting forum images in a reduced thumbnail size. Attackers can exploit the vulnerability to achieve access to this kind of systems.

ImageMagick versions 6.2.9 and earlier are affected. The ImageMagick developers have made updated packages available in version 6.2.9-1 that close the security hole. Users of the software should install the new version immediately. Linux distributors will also soon be making updated packets available; for its part, Red Hat is already delivering updates.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit