SuSE 10 Security Update : ImageMagick (ZYPP Patch Number 8104)
High Nessus Plugin ID 59602
The remote SuSE 10 host is missing a security-related patch.
This update of ImageMagick fixes multiple security vulnerabilities that could have been exploited by attackers via specially crafted image files : - Integer overflow when processing EXIF directory entries with tags of e.g. format 5 (EXIF_FMT_URATIONAL) and a large components count. (CVE-2012-0259 / CVE-2012-1610) - Integer overflows via 'number_bytes' and 'offset' could lead to memory corruption. (CVE-2012-0247 / CVE-2012-1185) - Denial of service via 'profile.c'. (CVE-2012-0248 / CVE-2012-1186) - Denial of service via JPEG restart markers (excessive CPU consumption). (CVE-2012-0260)