Signature Detail
Short Name |
HTTP:OVERFLOW:IMAGEMAGICK-EXIF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
ImageMagick EXIF ResolutionUnit Handling Memory Corruption |
Release Date |
2012/03/19 |
Update Number |
2100 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: ImageMagick EXIF ResolutionUnit Handling Memory Corruption
This signature detects attempts to exploit a known vulnerability against ImageMagick. A successful attack can lead to arbitrary code execution.
Extended Description
ImageMagick is prone to a buffer-overflow vulnerability and a denial-of-service vulnerability. Remote attackers can exploit these issues to execute arbitrary code in the context of the application or cause denial-of-service conditions. ImageMagick versions prior to 6.7.5-1 are vulnerable.
Affected Products
- Debian Linux 6.0 amd64
- Debian Linux 6.0 arm
- Debian Linux 6.0 ia-32
- Debian Linux 6.0 ia-64
- Debian Linux 6.0 mips
- Debian Linux 6.0 powerpc
- Debian Linux 6.0 s/390
- Debian Linux 6.0 sparc
- Gentoo Linux
- ImageMagick 6.0.0
- ImageMagick 6.0.1
- ImageMagick 6.0.2
- ImageMagick 6.0.2 .5
- ImageMagick 6.0.3
- ImageMagick 6.0.4
- ImageMagick 6.0.4.4
- ImageMagick 6.0.5
- ImageMagick 6.0.6
- ImageMagick 6.0.6.2
- ImageMagick 6.0.7
- ImageMagick 6.0.8
- ImageMagick 6.1.0
- ImageMagick 6.1.1
- ImageMagick 6.1.2
- ImageMagick 6.1.3
- ImageMagick 6.1.4
- ImageMagick 6.1.5
- ImageMagick 6.1.6
- ImageMagick 6.1.7
- ImageMagick 6.1.8
- ImageMagick 6.2.0
- ImageMagick 6.2.0 .0.4
- ImageMagick 6.2.0 .0.7
- ImageMagick 6.2.0.3
- ImageMagick 6.2.1
- ImageMagick 6.2.2
- ImageMagick 6.2.3
- ImageMagick 6.2.3.4
- ImageMagick 6.2.4
- ImageMagick 6.2.4.3
- ImageMagick 6.2.4 .5
- ImageMagick 6.2.5
- ImageMagick 6.2.6
- ImageMagick 6.2.7
- ImageMagick 6.2.8
- ImageMagick 6.2.9
- ImageMagick 6.2.9.2
- ImageMagick 6.3.1
- ImageMagick 6.3.2
- ImageMagick 6.3.3-3
- ImageMagick 6.3.3-5
- ImageMagick 6.3.3-6
- ImageMagick 6.3.4
- ImageMagick 6.3.5-10
- ImageMagick 6.3.5-9
- ImageMagick 6.4.0 -4
- ImageMagick 6.5.2-8
- ImageMagick 6.5.2-9
- ImageMagick 6.6.5-5
- ImageMagick 6.6.8-5
- Mandriva Enterprise Server 5
- Mandriva Enterprise Server 5 X86 64
- Mandriva Linux Mandrake 2010.1
- Mandriva Linux Mandrake 2010.1 X86 64
- Mandriva Linux Mandrake 2011
- Mandriva Linux Mandrake 2011 x86_64
- Oracle Enterprise Linux 5
- Oracle Enterprise Linux 6
- Oracle Enterprise Linux 6.2
- Red Hat Enterprise Linux 5 Server
- Red Hat Enterprise Linux Desktop 5 Client
- Red Hat Enterprise Linux Desktop 6
- Red Hat Enterprise Linux Desktop Optional 6
- Red Hat Enterprise Linux Desktop Workstation 5 Client
- Red Hat Enterprise Linux HPC Node Optional 6
- Red Hat Enterprise Linux Server 6
- Red Hat Enterprise Linux Server Optional 6
- Red Hat Enterprise Linux Workstation 6
- Red Hat Enterprise Linux Workstation Optional 6
- Ubuntu Ubuntu Linux 10.04 Amd64
- Ubuntu Ubuntu Linux 10.04 ARM
- Ubuntu Ubuntu Linux 10.04 I386
- Ubuntu Ubuntu Linux 10.04 Powerpc
- Ubuntu Ubuntu Linux 10.04 Sparc
- Ubuntu Ubuntu Linux 11.04 amd64
- Ubuntu Ubuntu Linux 11.04 ARM
- Ubuntu Ubuntu Linux 11.04 i386
- Ubuntu Ubuntu Linux 11.04 powerpc
- Ubuntu Ubuntu Linux 11.10 amd64
- Ubuntu Ubuntu Linux 11.10 i386
- Ubuntu Ubuntu Linux 12.04 LTS amd64
- Ubuntu Ubuntu Linux 12.04 LTS i386
References