Oval Definition:	oval:org.mitre.oval:tst:32501
Comment: ImageMagick is earlier than 0:5.5.6-18 Type: rpminfo_test Namespace: linux Check_Existence: at_least_one_exists Check: at least one State Operator: AND References Object: oval:org.mitre.oval:obj:13854 State: oval:org.mitre.oval:ste:10110 Referencing Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:10353 V The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command. 2013-04-29 oval:org.mitre.oval:def:10717 V Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program. 2013-04-29
BACK