Description: Some vulnerabilities have been reported in ImageMagick, which can be exploited by malicious people to conduct DoS (Denial of Service) attacks or compromise a user's system.
1) Some integer overflow errors exist within the "AllocateImageColormap()", "ReadDCMImage()", "ReadDIBImage()", and "ReadXBMImage()" functions when processing image files. These can be exploited to cause heap-based buffer overflows via specially crafted image files.
2) An off-by-one error exists within the "ReadBlobString()" function in magick/blob.c when processing image files. This can be exploited to cause a one-byte buffer overflow via a specially crafted image file.
3) A sign extension error exists within the "ReadDIBImage()" function when processing image files. This can be exploited to cause a heap-based buffer overflow when processing specially crafted DIB files.
Successful exploitation of the vulnerabilities allows execution of arbitrary code.
4) Some errors within the "ReadDCMImage()" and "ReadXCFImage()" functions can be exploited to cause the execution of infinite loops via specially crafted DCM or XCF files.
The vulnerabilities are reported in versions prior to 6.3.5-9.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
