In association with heise online

23 September 2007, 17:39

Security holes in ImageMagick fixed

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The developers of the free imaging software ImageMagick 6.3.5-9 have reportedly closed four security holes that could be exploited on various operating systems. Although there are no known exploits for these bugs, the developers recommend users to update to the new version. An integer overflow vulnerability allows attackers to crash programs that use an ImageMagick library. Two vulnerabilities can be exploited for arbitrary code injection and execution on the target PC, and a fourth hole might be usable to conduct denial-of-service attacks by consumption of excessive CPU resources.

Security advisories by iDefense:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit