RHEL 3 : ImageMagick (RHSA-2004:480)
Severity: High
Nessus Plugin ID: 15535
Synopsis
The remote Red Hat host is missing one or more security updates.
Description
Updated ImageMagick packages that fix a BMP loader vulnerability are now available.
ImageMagick(TM) is an image display and manipulation tool for the X Window System.
A heap overflow flaw has been discovered in the ImageMagick image handler. An attacker could create a carefully crafted BMP file in such a way that it could cause ImageMagick to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0827 to this issue.
Users of ImageMagick should upgrade to this updated package, which contains a backported patch, and is not vulnerable to this issue.
Solution
Update the affected packages.