ImageMagick 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1156786853
업데이트 : 2006.08.29
상세내용
CVE-2006-3743:
CVE-2006-3744:
CVE-2006-4144:
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before
6.2.9 allows user-assisted attackers to cause a denial of service (crash) and
possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns,
and (3) rows values, which trigger a heap-based buffer overflow.
Autoupdates 지원 : Packages System
pkgadd -F ImageMagick*
update 패키지
RPMS :
. ImageMagick-5.5.6-20.i686.rpm
. ImageMagick-devel-5.5.6-20.i686.rpm
SRPMS :
. ImageMagick-5.5.6-20.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3743
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3744
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4144
|