关键漏洞信息 漏洞名称 ImageMagick vulnerabilities 公布日期 1 May 2012 漏洞概览 ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file. 漏洞详情 CVE-2012-0247 and CVE-2012-1185: ImageMagick incorrectly handled certain ResolutionUnit tags. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. CVE-2012-0248 and CVE-2012-1186: ImageMagick incorrectly handled certain IFD structures. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. CVE-2012-1798 and others: Other vulnerabilities discovered in ImageMagick. 发布版本 12.04 11.10 11.04 10.04 更新说明 The problem can be corrected by updating your system to the following package versions: 12.04 precise - libmagick++4: 8:6.6.9.7-5ubuntu3.1 - imagemagick: 8:6.6.9.7-5ubuntu3.1 11.10 oneiric - imagemagick: 8:6.6.0.4-3ubuntu1.1 - libmagick++3: 8:6.6.0.4-3ubuntu1.1 11.04 natty - imagemagick: 7:6.6.2.6-1ubuntu4.1 - libmagick++3: 7:6.6.2.6-1ubuntu4.1 10.04 lucid - imagemagick: 7:6.5.7.8-1ubuntu1.2 - libmagick++2: 7:6.5.7.8-1ubuntu1.2 相关CVE CVE-2012-1798 CVE-2012-1610 CVE-2012-1186 CVE-2012-1185 CVE-2012-0259 CVE-2012-0248 CVE-2012-0247