Package: imagemagick
Version: 7:6.3.7.9.dfsg2-1~lenny3
Severity: grave
Tags: security
Justification: user security hole

ImageMagick reads several configuration files[0] from the current working directory. Unfortunately, this allows local attackers to execute arbitrary code if ImageMagick is run from an untrusted directory.

Steps to reproduce this bug:

1. As an attacker, put the attached files in /tmp.
2. As a victim, in /tmp run:

    $ convert /path/to/foo.png /path/to/bar.png
    All your base are belong to us.
    convert: missing an image filename `/path/to/bar.png'.

[0] http://www.imagemagick.org/script/resources.php

-- 
Jakub Wilk

coder.xml
Description: XML document
delegates.xml
Description: XML document
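
A stop-gap check for the behaviour reported above, as an added example that is not part of the original report and not ImageMagick or Debian code: it refuses to run convert when the working directory already holds one of the configuration files named in the report, or when other users could plant one there. The function names and the MAGICK_CFG_NAMES variable are hypothetical; the default file list covers only the two attachment names and can be extended from the resources page [0].

```shell
#!/bin/sh
# Added example: pre-flight check before running ImageMagick in a directory.
# Default names are the two attachments from the report (assumption: extend
# the list with other configuration files your ImageMagick build reads).
MAGICK_CFG_NAMES="${MAGICK_CFG_NAMES:-coder.xml delegates.xml}"

# Print the name of each listed configuration file present in directory $1.
magick_cfg_in_dir() {
    dir=$1
    for name in $MAGICK_CFG_NAMES; do
        # -e follows symlinks; -L also catches dangling symlinks.
        if [ -e "$dir/$name" ] || [ -L "$dir/$name" ]; then
            printf '%s\n' "$name"
        fi
    done
}

# Succeed if directory $1 is writable by its group or by others, i.e. a file
# could still be planted between this check and the convert run.
dir_is_shared_writable() {
    [ -n "$(find "$1" -prune \( -perm -0020 -o -perm -0002 \) -print 2>/dev/null)" ]
}

# Return 0 if $1 looks safe, 1 if a configuration file is already present,
# 2 if the directory is writable by other users.
check_magick_cwd() {
    dir=${1:-.}
    found=$(magick_cfg_in_dir "$dir")
    if [ -n "$found" ]; then
        printf 'refusing: %s contains %s\n' "$dir" "$(echo $found)" >&2
        return 1
    fi
    if dir_is_shared_writable "$dir"; then
        printf 'refusing: %s is writable by other users\n' "$dir" >&2
        return 2
    fi
    return 0
}

# Hypothetical wrapper: run convert only when the current directory passes.
safe_convert() {
    check_magick_cwd . && convert "$@"
}
```

In /tmp the check fails with status 2 even when no file has been planted yet, because a presence test alone would leave a race between the check and the convert run.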