vulnerability
Ubuntu: USN-3142-2: ImageMagick regression
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | Feb 22, 2017 | Feb 23, 2017 | Feb 19, 2025 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
Feb 22, 2017
Added
Feb 23, 2017
Modified
Feb 19, 2025
Description
USN-3142-1 fixed vulnerabilities in ImageMagick. The security fixes introduced a regression with text labels and a regression with the text coder. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
Solutions
ubuntu-upgrade-imagemagickubuntu-upgrade-imagemagick-6-q16ubuntu-upgrade-libmagick-4ubuntu-upgrade-libmagick-5ubuntu-upgrade-libmagick-6-q16-5v5ubuntu-upgrade-libmagickcore-6-q16-2ubuntu-upgrade-libmagickcore-6-q16-2-extraubuntu-upgrade-libmagickcore4ubuntu-upgrade-libmagickcore4-extraubuntu-upgrade-libmagickcore5ubuntu-upgrade-libmagickcore5-extra
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.