Signature Detail

HTTP: ImageMagick SGI File Handling Buffer Overflow

This signature detects attempts to exploit a known vulnerability in ImageMagick SGI decoder. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

ImageMagick is prone to a remote heap buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. This issue allows attackers to execute arbitrary machine code in the context of applications that use the ImageMagick library. ImageMagick versions in the 6.x series, up to version 6.2.8, are vulnerable to this issue.

Affected Products

• Debian Linux 3.1.0
• Debian Linux 3.1.0 Alpha
• Debian Linux 3.1.0 Amd64
• Debian Linux 3.1.0 Arm
• Debian Linux 3.1.0 Hppa
• Debian Linux 3.1.0 Ia-32
• Debian Linux 3.1.0 Ia-64
• Debian Linux 3.1.0 M68k
• Debian Linux 3.1.0 Mips
• Debian Linux 3.1.0 Mipsel
• Debian Linux 3.1.0 Ppc
• Debian Linux 3.1.0 S/390
• Debian Linux 3.1.0 Sparc
• Gentoo Linux
• ImageMagick 6.0.0
• ImageMagick 6.0.1
• ImageMagick 6.0.2
• ImageMagick 6.0.2 .5
• ImageMagick 6.0.3
• ImageMagick 6.0.4
• ImageMagick 6.0.5
• ImageMagick 6.0.6
• ImageMagick 6.0.7
• ImageMagick 6.0.8
• ImageMagick 6.1.0
• ImageMagick 6.1.1
• ImageMagick 6.1.2
• ImageMagick 6.1.3
• ImageMagick 6.1.4
• ImageMagick 6.1.5
• ImageMagick 6.1.6
• ImageMagick 6.1.7
• ImageMagick 6.1.8
• ImageMagick 6.2.0
• ImageMagick 6.2.0 .0.4
• ImageMagick 6.2.0 .0.7
• ImageMagick 6.2.1
• ImageMagick 6.2.2
• ImageMagick 6.2.3
• ImageMagick 6.2.4
• ImageMagick 6.2.4 .5
• ImageMagick 6.2.5
• ImageMagick 6.2.6
• ImageMagick 6.2.7
• ImageMagick 6.2.8
• Mandriva Corporate Server 3.0.0
• Mandriva Corporate Server 3.0.0 X86 64
• Mandriva Linux Mandrake 2006.0.0
• Mandriva Linux Mandrake 2006.0.0 X86 64
• Novell Linux Desktop 9
• Red Hat Advanced Workstation for the Itanium Processor 2.1.0
• Red Hat Desktop 3.0.0
• Red Hat Desktop 4.0.0
• Red Hat Enterprise Linux AS 2.1
• Red Hat Enterprise Linux AS 2.1 IA64
• Red Hat Enterprise Linux AS 3
• Red Hat Enterprise Linux AS 4
• Red Hat Enterprise Linux ES 2.1
• Red Hat Enterprise Linux ES 2.1 IA64
• Red Hat Enterprise Linux ES 3
• Red Hat Enterprise Linux ES 4
• Red Hat Enterprise Linux WS 2.1
• Red Hat Enterprise Linux WS 2.1 IA64
• Red Hat Enterprise Linux WS 3
• Red Hat Enterprise Linux WS 4
• Red Hat Fedora Core5
• Red Hat Fedora Core6
• rPath rPath Linux 1
• SuSE Linux Desktop 1.0.0
• SuSE Linux Openexchange Server
• SuSE Linux Personal 10.0.0 OSS
• SuSE Linux Personal 10.1
• SuSE Linux Personal 9.2.0
• SuSE Linux Personal 9.2.0 X86 64
• SuSE Linux Personal 9.3.0
• SuSE Linux Personal 9.3.0 X86 64
• SuSE Linux Professional 10.0.0
• SuSE Linux Professional 10.0.0 OSS
• SuSE Linux Professional 10.1
• SuSE Linux Professional 9.2.0
• SuSE Linux Professional 9.2.0 X86 64
• SuSE Linux Professional 9.3.0
• SuSE Linux Professional 9.3.0 X86 64
• SuSE SUSE Linux Enterprise Desktop 10
• SuSE SUSE Linux Enterprise SDK 10
• SuSE SUSE Linux Enterprise Server SDK 9
• SuSE SuSE Linux School Server for i386
• SuSE SuSE Linux Standard Server 8.0.0
• Trustix Secure Linux 2.2.0
• Trustix Secure Linux 3.0.0
• Turbolinux Appliance Server 2.0
• Turbolinux Home
• Turbolinux Multimedia
• Turbolinux Personal
• Turbolinux 10 F...
• Turbolinux FUJI
• Turbolinux Turbolinux Desktop 10.0.0
• Turbolinux Turbolinux Server 10.0.0
• Turbolinux Turbolinux Server 10.0.0 X64
• Turbolinux Turbolinux Server 8.0.0
• Ubuntu Ubuntu Linux 5.0.0 4 Amd64
• Ubuntu Ubuntu Linux 5.0.0 4 I386
• Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
• Ubuntu Ubuntu Linux 5.10.0 Amd64
• Ubuntu Ubuntu Linux 5.10.0 I386
• Ubuntu Ubuntu Linux 5.10.0 Powerpc
• Ubuntu Ubuntu Linux 5.10.0 Sparc
• Ubuntu Ubuntu Linux 6.06 LTS Amd64
• Ubuntu Ubuntu Linux 6.06 LTS I386
• Ubuntu Ubuntu Linux 6.06 LTS Powerpc
• Ubuntu Ubuntu Linux 6.06 LTS Sparc

References

• BugTraq: 19507
• CVE: CVE-2006-4144