CVE-2007-4985 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-4985
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-4985

Description: ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/36740 UBUNTU http://www.ubuntu.com/usn/usn-523-1 SUSE http://www.novell.com/linux/security/advisories/2007_23_sr.html ST 1018729 SAID Secunia Advisory: SA27309 Secunia Advisory: SA27364 Secunia Advisory: SA27048 Secunia Advisory: SA26926 Secunia Advisory: SA27439 Secunia Advisory: SA28721 Secunia Advisory: SA29786 Secunia Advisory: SA29857 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0145.html http://www.redhat.com/support/errata/RHSA-2008-0165.html MLIST http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html MANDRIVA http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596 GENTOO http://security.gentoo.org/glsa/glsa-200710-27.xml CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=186030 http://www.imagemagick.org/script/changelog.php BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/483572/100/0/threaded BID 25764

Return to the previous page.