Forum Thread: ImageMagick

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
ImageMagick Studio LLC
And, this specific program:
ImageMagick 6.x

This thread has been marked as locked.
booge007 ImageMagick
Member 9th Aug, 2011 18:00
Ranking: 0
Posts: 4
User Since: 13th Aug, 2009
System Score: N/A
Location: NL
My PSI scan reported one problem: the version of imageMagick 6.x was 6.2.6. while the latest version including one or more security fixes is 6.5.2.9.

Program state: Insecure

PSI shows the following path:
C:\Program Files\ZyXEL\ZyXEL Digital Media Server\convert.exe

I don't know how to fix this problem.

Maurice Joyce RE: ImageMagick
Handling Contributor 9th Aug, 2011 18:24
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Could U please produce the full PSI Troubleshooting Report as follows:


FINDING A FILE PATH

From the DASHBOARD page click on SCAN RESULTS.

1. This will list all your programmes with a + to the left of each one.
2. Click the + sign next to the item that U want help with.
3. This will reveal the path under DETECTED INSTANCES.
4. Highlight it then copy (CTRL+C) then paste (CTRL+V)) that path back to the Forum.
OR THIS METHOD WHICH GIVES A HELPER MORE INFORMATION
4a Below DETECTED INSTANCES you will see You can double click this row for additional information & options>double click it>a box will appear>click TROUBLESHOOT REPORT>Now highlight the information revealed from START to END & copy it (CTRL+C) then post it to the Forum (CTRL+V)

The end result U post to the Forum should look like this:
---START---

Program Name:
Apple iTunes 10.x

Security State:
Insecure

Download Link:
http://appldnld.apple.com/iTunes10/061-9638.201103...

Instances Found:
C:\Program Files\iTunes\iTunes.exe, version: 10.1.2.17

Last System Scan (localtime):
3. Mar 2011, 16:47

Operating System:
Microsoft Windows XP Home Edition, Service Pack 3

---END---
Update 9 09:33 13/03/2011

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+2
-0
booge007 RE: ImageMagick
Member 9th Aug, 2011 18:30
Score: 0
Posts: 4
User Since: 13th Aug 2009
System Score: N/A
Location: NL
This is the full report:

---START---

Program Name:
ImageMagick 6.x

Security State:
Insecure

Download Link:


Instances Found:
C:\Program Files\ZyXEL\ZyXEL Digital Media Server\convert.exe, version: 6.2.6

Last System Scan (localtime):
9. Aug 2011, 17:18

Operating System:
Microsoft Windows 7,

---END---
Was this reply relevant?
+0
-0
Maurice Joyce RE: ImageMagick
Handling Contributor 9th Aug, 2011 18:34
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Thank you.



DELETING A FILE OR FOLDER USING PSI VERSION 2

To delete a vulnerable file or folder found by PSI try this:

1. Open PSI>Scan results.

2. Against the programme marked as vulnerable is a + sign to the left of it.

3. Click that & it will reveal DETECTED INSTANCES.

4. Below that are two yellow folders. Click the one WITHOUT a red dot.

5. That will open Windows Explorer & U will be able to see the vulnerable file or folder.
C:\Program Files\ZyXEL\ZyXEL Digital Media Server\convert.exe, version: 6.2.6

6. Right click on it & select delete.

7. Carry out a full PSI scan & all should be in order.

Update 1 20:49 09/03/2011


--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+2
-0
booge007 RE: ImageMagick
Member 9th Aug, 2011 18:49
Score: 0
Posts: 4
User Since: 13th Aug 2009
System Score: N/A
Location: NL
Thanks for your qucik response!

Are you sure I can delete the file convert.exe?
Don't I need an updated version or something like that?
Was this reply relevant?
+0
-0
Maurice Joyce RE: ImageMagick
Handling Contributor 9th Aug, 2011 19:32
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK


My solution clears the reported vulnerability only. The PSI report does not give a download link so I suspect U require to go here first if U are looking to update the system & try to overwrite the older version.

http://www.zyxel.com/homepage.shtml or here

http://us.zyxel.com/Products/details.aspx?PC1Index...

Once U have installed the latest version hopefully it should clear the vulnerability - if not U need to clear it as described in my previous post.





--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0
booge007 RE: ImageMagick
Member 9th Aug, 2011 23:30
Score: 0
Posts: 4
User Since: 13th Aug 2009
System Score: N/A
Location: NL
Hi Maurice,

I just got a 100% on the secunia system score!
I deleted the file as you advised and I installed new firmware for my Zyxel Media streamer (it took me a little time to find out how to do that).
I tested the streamer and everything works properly!
Thanks for your advice.
This topic can be closed!

Peter
Was this reply relevant?
+0
-0
Maurice Joyce RE: ImageMagick
Handling Contributor 9th Aug, 2011 23:36
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Peter,
Good news. I will lock the thread for U. That will prevent U & I from getting update emails from "tag on" posts.

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0

This thread has been marked as locked.