Secunia
Login
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Thread: ImageMagic 6.x 'solution' not applicable to Calibre DLL
You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.This thread was submitted in the following forum:
Programs
|
Relating to this vendor: |
And, this specific program: ImageMagick 6.x |
| ott-group | ImageMagic 6.x 'solution' not applicable to Calibre DLL |
|---|---|
 |
14th May, 2012 17:03 |
|
Ranking: 1 Posts: 19 User Since: 2nd Sep, 2010 System Score: N/A Location: UK |
Program Name: ImageMagick 6.x Security State: Insecure Download Link: http://dl.secunia.com/SPS/ImageMagick_6.7.6-5.exe Instances Found: C:\Program Files (x86)\Calibre2\DLLs\CORE_RL_magick_.dll, version: 6.6.6 Last System Scan (localtime): 14. May 2012, 15:09 Operating System: Microsoft Windows 7, Microsoft Windows 7 END PSI identifies vulnerability in above DLL but 'solution' simply installs a standalone version of ImageMagic that does not even contain a DLL that could potentially replace the Calibre one. Downloaded the latest version of Calibre and the 'vulnerable' DLL is unchanged. Regards to All, Chris |
Post "RE: ImageMagic 6.x 'solution' not applicable to Calibre DLL" has been selected as an answer.
| Maurice Joyce | RE: ImageMagic 6.x 'solution' not applicable to Calibre DLL | ||||||||
|
14th May, 2012 17:43 | ||||||||
| Score: 10510 Posts: 8,071 User Since: 4th Jan 2009 System Score: 100% Location: UK |
Chris, That looks like another false positive. I have been dealing with a few of these with Secunia Support over the last few weeks. Would U like me to contact support for U if they do not respond by "close of play" today? - if not U can do it yourself by emailing support@secunia.com After they have investigated (& if necessary adjusted their database) a simple rescan normally solves the issue. Example here: http://secunia.com/community/forum/thread/show/126... -- Maurice Windows 7 SP1 64 Bit OS HP Intel Pentium i7 IE 10 for Windows 7 16GB RAM |
||||||||
|
|||||||||
| ott-group | RE: ImageMagic 6.x 'solution' not applicable to Calibre DLL | ||||||||
|
|
14th May, 2012 19:32 | ||||||||
| Score: 1 Posts: 19 User Since: 2nd Sep 2010 System Score: N/A Location: UK |
on 14th May, 2012 17:43, Maurice Joyce wrote: Chris, That looks like another false positive. I have been dealing with a few of these with Secunia Support over the last few weeks. Would U like me to contact support for U if they do not respond by "close of play" today? - if not U can do it yourself by emailing support@secunia.com After they have investigated (& if necessary adjusted their database) a simple rescan normally solves the issue. Example here: http://secunia.com/community/forum/thread/show/126... Maurice, hadn't thought of it as a false positive. I should have added that the Calibre DLL *is* an ImageMagick product according to its properties. Its description is "ImageMagick Studio library and utility programs". It *may* well be vulnerable but also *may* need to be updated as part of a Calibre update package. If you still suspect it to be a false positive I would be interested to hear. I haven't raised the issue with Calibre yet as it requires me to create an account on a bug tracking system but I was going to do that later tonight. Having said all that you are of course welcome to submit to Secunia if they haven't responded. One less thing fro me to remember to do! Thanks for the response. Much appreciated. Best Regards, Chris |
||||||||
|
|||||||||
| Maurice Joyce | RE: ImageMagic 6.x 'solution' not applicable to Calibre DLL | ||||||||
|
|
15th May, 2012 00:18 | ||||||||
| Score: 10510 Posts: 8,071 User Since: 4th Jan 2009 System Score: 100% Location: UK |
Email sent - hopefully they will respond tomorrow. -- Maurice Windows 7 SP1 64 Bit OS HP Intel Pentium i7 IE 10 for Windows 7 16GB RAM |
||||||||
|
|||||||||
| This user no longer exists | RE: ImageMagic 6.x 'solution' not applicable to Calibre DLL | ||||||||
|
|
15th May, 2012 09:02 | ||||||||
| Hi, We recently made a correction to our rules to prevent ImageMagick f'alse positives. If you run a full rescan, does the problem still occur? |
|||||||||
|
|||||||||
| ott-group | RE: ImageMagic 6.x 'solution' not applicable to Calibre DLL | ||||||||
|
|
15th May, 2012 13:46 | ||||||||
| Score: 1 Posts: 19 User Since: 2nd Sep 2010 System Score: N/A Location: UK |
on 15th May, 2012 09:02, wrote: Hi, We recently made a correction to our rules to prevent ImageMagick f'alse positives. If you run a full rescan, does the problem still occur? False positive cleared. Thanks. Regards, Chris |
||||||||
|
|||||||||
| ott-group | RE: ImageMagic 6.x 'solution' not applicable to Calibre DLL | ||||||||
|
|
15th May, 2012 13:49 | ||||||||
| Score: 1 Posts: 19 User Since: 2nd Sep 2010 System Score: N/A Location: UK |
on 15th May, 2012 00:18, Maurice Joyce wrote: Email sent - hopefully they will respond tomorrow. They have indeed. Many thanks! Regards, Chris |
||||||||
|
|||||||||
| Maurice Joyce | RE: ImageMagic 6.x 'solution' not applicable to Calibre DLL | ||||||||
|
|
15th May, 2012 14:42 | ||||||||
| Score: 10510 Posts: 8,071 User Since: 4th Jan 2009 System Score: 100% Location: UK |
Chris. Pleased to see U are all fixed up. On that basis, I will lock this thread for U sometime tomorrow unless U post back asking for it to be left open. This will protect your mail box from possible update emails from "tag on" posts You can of course lock threads U have created. Just click the ACCEPT button in the post of the helper who offered U the best solution/advice to solve your problem. Secunia Support can always reopen threads by applying by email to: support@secunia.com -- Maurice Windows 7 SP1 64 Bit OS HP Intel Pentium i7 IE 10 for Windows 7 16GB RAM |
||||||||
|
|||||||||
