Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.5
CVE Id CVE-2006-2440
Last Modified 21 Aug 2010 12:47:21
Published 18 May 2006 06:02:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2440

Summary

Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function.

Vulnerable Systems

Application

  • ImageMagick 6.0.6.2

  • ImageMagick 6.2.4


References

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595

REDHAT - RHSA-2007:0015

DEBIAN - DSA-1168

SECUNIA - 24284

SECUNIA - 24186

SECUNIA - 21719

SGI - 20070201-01-P


Last Updated: 27 May 2016 10:42:28