Forum Thread: ImageMagick 6.x Vulnerability SA48679

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
ImageMagick Studio LLC
And, this specific program:
ImageMagick 6.x

This thread has been marked as locked.
Rad_Reg ImageMagick 6.x Vulnerability SA48679
Member 14th May, 2012 23:17
Ranking: 0
Posts: 3
User Since: 14th May, 2012
System Score: N/A
Location: US
Want to start off by saying I Love Secunia PSI... It keeps me on the leading edge of avoiding software vulnerabilities.

That being said, I am having an issue with what I believe is a false positive on an ImageMagick 6.x vulnerability as outlined in SA48679. During a scan, I receive vulnerabilities on my Tversity Media Server and on an Adobe After Effects Mocha plugin. The install file from Secunia did not appear to have the latest version, nor the dll file outlined in the "Zombie installations". So I installed the latest version of ImageMagick 6.7.6-9-Q16 with the C++ files (dll files used in "zombie installations") from the author's website. I then copied over the Core_RL_Magick.dll file from the new installation and overwrote the older 6.7.6-4 files that were included in the 3rd party software packages to ensure I wasn't vulnerable in those software locations.

However, now when I scan, I still get the same vulnerability highlighting these files, and it still flags the above dll file along with the actual ImageMagick installation that I had to download in order to get the Core_RL_Magick.dll file referenced above.

I believe the issue is that it recognizes the latest ImageMagick 6.x file version as 6.7.6-Q16 rather than 6.7.6-9-Q16 as outlined on the author's site. I believe that this is still falsely flagging the vulnerability even with the latest version.

Can someone please ensure that the database is updated so that if the latest version is utilized that the vulnerability is not still shown??? I would believe a 6.7.6-9-X would have the security fixes flagged as being fixed in 6.7.5+...

Thanks,
Reggie


jongreen RE: ImageMagick 6.x Vulnerability SA48679
Member 14th May, 2012 23:43
Score: 0
Posts: 2
User Since: 22nd Dec 2007
System Score: N/A
Location: N/A
PSI also identifies CORE_RL_magick_.dll (part of Calibre2) as part of ImageMagick. The link to ImageMagick dl's the incorrect version and does nothing to correct the Calibre problem.
Was this reply relevant?
+0
-0
Maurice Joyce RE: ImageMagick 6.x Vulnerability SA48679
Handling Contributor 15th May, 2012 00:17
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 15th May, 2012 14:44
See this thread for more information.

http://secunia.com/community/forum/thread/show/126...

My email to Support includes this thread for them to comment on.

EDIT

By clicking on my link above U will note Secunia have responded. Can U please confirm your problem is fixed?


--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0
jongreen RE: ImageMagick 6.x Vulnerability SA48679
Member 15th May, 2012 18:38
Score: 0
Posts: 2
User Since: 22nd Dec 2007
System Score: N/A
Location: N/A
Problem solved. Thanks.
Was this reply relevant?
+0
-0
Rad_Reg RE: ImageMagick 6.x Vulnerability SA48679
Member 16th May, 2012 05:20
Score: 0
Posts: 3
User Since: 14th May 2012
System Score: N/A
Location: US
I am still receiving the error with the 6.7.6-9-Q16 version of the files.
Was this reply relevant?
+0
-0
Maurice Joyce RE: ImageMagick 6.x Vulnerability SA48679
Handling Contributor 16th May, 2012 09:08
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
There could still be issues with the files as explained here:


22nd Mar, 2012 14:56
Score: 25
Posts: 37
User Since: 12th May 2011
System Score: N/A
Location: Copenhagen, DK
Hi,

There is an issue in this software.

The issue is, that the vendor is providing the same version information in both version 6.7.6-0 and 6.7.6-1.

The vendor is not updating the "-x" number, which means that every version of the 6.7.6 branch has the same version information.

We have looked at all the .exe files for the software as well as all the .dll files, and are trying to figure out a way of taking care of this issue, but most likely, we will not be able to solve this until the vendor starts giving the whole version number in the file information for the software files.

Hope you understand.

--
Kind regards,

Munib Rehman
Secunia PSI Support

Secunia PSI
http://secunia.com/vulnerability_scanning/personal...

Try suggesting the programme.
1. From the DASHBOARD page click on RESULTS.
2. On the RESULTS page look above the tab INSTALL SOLUTION & U will see a green icon & ARE YOU MISSING A PROGRAM?
3. Click it. Fill out the details requested.
4. Click SUGGEST SOFTWARE.


--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0
mrmikel RE: ImageMagick 6.x Vulnerability SA48679
Member 16th May, 2012 13:52
Score: 8
Posts: 5
User Since: 15th Apr 2011
System Score: N/A
Location: US
In so far as it concerns Calibre, the developer is updating to the latest version of Image Magick, for the Windows version and it will be released this Friday, on Calibre's usual update schedule.
Was this reply relevant?
+3
-0
Rad_Reg RE: ImageMagick 6.x Vulnerability SA48679
Member 17th May, 2012 00:47
Score: 0
Posts: 3
User Since: 14th May 2012
System Score: N/A
Location: US
Can a checksum be used instead of a versioning scheme? This can't be the only program you receive an issue on...
Was this reply relevant?
+0
-0
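The checksum idea raised in the post above, sketched as an added example that is not part of the original thread and not Secunia's scanner code: it finds every bundled copy of the ImageMagick core DLL under a directory tree and identifies the build by SHA-256 digest instead of the embedded version string. The folder names, file bodies and the digest catalogue are constructed placeholders.

```python
import hashlib
import tempfile
from pathlib import Path

def file_sha256(path: Path) -> str:
    """Hash the file in chunks so large DLLs are not read into memory at once."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def find_bundled_copies(root: Path):
    """Yield every copy of the core DLL under root, including copies shipped
    inside third-party application folders."""
    for p in sorted(root.rglob("*.dll")):
        if p.name.lower().startswith("core_rl_magick"):
            yield p

def audit(root: Path, known_builds: dict) -> dict:
    """Map relative path -> (build label, status). A digest missing from the
    catalogue is reported as unidentified, never guessed from a version string."""
    report = {}
    for p in find_bundled_copies(root):
        label, status = known_builds.get(file_sha256(p), ("unknown", "unidentified"))
        report[p.relative_to(root).as_posix()] = (label, status)
    return report

def demo() -> dict:
    # Constructed sample data: fake DLL bodies standing in for builds whose
    # embedded version information would read the same for every 6.7.6-x.
    old, new, other = b"constructed 6.7.6-4 body", b"constructed 6.7.6-9 body", b"constructed other body"
    known = {  # hypothetical catalogue kept by whoever runs the audit
        hashlib.sha256(old).hexdigest(): ("6.7.6-4", "outdated"),
        hashlib.sha256(new).hexdigest(): ("6.7.6-9", "current"),
    }
    layout = {  # hypothetical install layout
        "ImageMagick/CORE_RL_magick_.dll": new,
        "MediaServer/Core_RL_Magick.dll": old,
        "EbookApp/CORE_RL_magick_.dll": other,
        "EbookApp/unrelated.dll": other,
    }
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for rel, body in layout.items():
            (root / rel).parent.mkdir(parents=True, exist_ok=True)
            (root / rel).write_bytes(body)
        return audit(root, known)

if __name__ == "__main__":
    for path, (label, status) in demo().items():
        print(f"{path}: {label} ({status})")
```

A digest only identifies files that are already in the catalogue, so every released build (including each bit depth and architecture variant) has to be added before it can be recognised.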
Oldbridge1 RE: ImageMagick 6.x Vulnerability SA48679
Member 17th May, 2012 01:47
Score: 0
Posts: 2
User Since: 16th May 2012
System Score: N/A
Location: US
Still getting the error despite having downloaded the 64 bit latest version.
Was this reply relevant?
+0
-0
