OSVDB ID: 29990

Title: ImageMagick ReadPALMImage Function Overflow

Dates

Disclosure: Oct 24, 2006
Discovery: Unknown
Exploit: Unknown
Solution: Unknown

Description

A local buffer overflow exists in ImageMagick. The application fails to check boundary conditions in the 'ReadPALMImage()' function, resulting in a heap overflow. With a specially crafted request, an attacker can cause a denial of service and possibly execute arbitrary code, resulting in a loss of availability. To exploit this issue, an attacker has to persuade the victim to open a malformed PALM image.

Classification

Location: Local Access Required
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, SUSE/Novell, Ubuntu, Debian, Gentoo, Red Hat and Mandriva have released patches to address this vulnerability.

Products

ImageMagick Studio LLC

ImageMagick

6.0.7

References

Credit

  • M. Joonas Pihlaja


Direct URL: http://osvdb.org/29990