CESA-2010:0653 -- centos 4 i386 ImageMagickID: oval:org.secpod.oval:def:200191 | Date: (C)2012-01-31 (M)2021-06-02 |
Class: PATCH | Family: unix |
ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. Users of ImageMagick are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of ImageMagick must be restarted for this update to take effect.