This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
Multiple buffer overflows in ImageMagick before 6.2.9 allow
user-assisted attackers to execute arbitrary code via crafted XCF
Multiple integer overflows in ImageMagick before 6.2.9 allow
user-assisted attackers to execute arbitrary code via crafted Sun
bitmap images that trigger heap-based buffer overflows.
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick
before 6.2.9 allows user-assisted attackers to cause a denial of
service (crash) and possibly execute arbitrary code via large (1)
bytes_per_pixel, (2) columns, and (3) rows values, which trigger a
heap-based buffer overflow. (CVE-2006-4144)
The updated packages have been patched to correct these issues.
Update the affected packages.
Risk factor: High / CVSS Base Score: 9.3
Family: Mandriva Local Security Checks
Nessus Plugin ID: 23899 (mandrake_MDKSA-2006-155.nasl)