CVE-2010-4167
Published: 22 November 2010
Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory.
Notes
Author | Note |
---|---|
mdeslaur | PoC in debian bug. |
Priority
Status
Package | Release | Status |
---|---|---|
imagemagick Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Released
(7:6.3.7.9.dfsg1-2ubuntu1.2)
|
|
karmic |
Released
(7:6.5.1.0-1.1ubuntu3.1)
|
|
lucid |
Released
(7:6.5.7.8-1ubuntu1.1)
|
|
maverick |
Released
(7:6.6.2.6-1ubuntu1.1)
|
|
upstream |
Released
(6.6.5-5)
|