[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2014-336 ---- ImageMagick

ID: oval:org.secpod.oval:def:1600187Date: (C)2016-01-07   (M)2022-10-10
Class: PATCHFamily: unix




A buffer overflow flaw was found in the way ImageMagick handled PSD images that use RLE encoding. An attacker could create a malicious PSD image file that, when opened in ImageMagick, would cause ImageMagick to crash or, potentially, execute arbitrary code with the privileges of the user running ImageMagick.A buffer overflow flaw affecting ImageMagick when creating PSD images was reported. The vulnerability is similar to CVE-2014-1947 , except that CVE-2014-2030 "s format string is "L%06ld" instead of CVE-2014-1947 "s "L%02ld" due to commit r1448.

Platform:
Amazon Linux AMI
Product:
ImageMagick
Reference:
ALAS-2014-336
CVE-2014-1958
CVE-2014-1947
CVE-2014-2030
CVE    3
CVE-2014-1947
CVE-2014-1958
CVE-2014-2030
CPE    2
cpe:/o:amazon:linux
cpe:/a:imagemagick:imagemagick

© SecPod Technologies