CVE-2007-4985

Publication date 24 September 2007

Last updated 24 July 2024

Ubuntu priority

Low

Why this priority?

ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
graphicsmagick 8.10 intrepid
Fixed 1.1.11-1
8.04 LTS hardy
Fixed 1.1.11-1
7.10 gutsy Ignored end of life, was needed
7.04 feisty Ignored end of life, was needed
6.10 edgy Ignored end of life, was needed
6.06 LTS dapper Not in release
imagemagick 8.10 intrepid
Fixed 7:6.2.4.5.dfsg1-2ubuntu1
8.04 LTS hardy
Fixed 7:6.2.4.5.dfsg1-2ubuntu1
7.10 gutsy
Fixed 7:6.2.4.5.dfsg1-2ubuntu1
7.04 feisty
Fixed 7:6.2.4.5.dfsg1-0.14ubuntu0.2
6.10 edgy
Fixed 7:6.2.4.5.dfsg1-0.10ubuntu0.4
6.06 LTS dapper
Fixed 6:6.2.4.5-0.6ubuntu0.7

References

Related Ubuntu Security Notices (USN)

    • USN-523-1
    • ImageMagick vulnerabilities
    • 3 October 2007

Other references