CVE Vulnerabilities

CVE-2006-2440

Published: May 18, 2006 | Modified: Oct 12, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function.

Affected Software

Name Vendor Start Version End Version
Imagemagick Imagemagick 6.0.6.2 (including) 6.0.6.2 (including)
Imagemagick Imagemagick 6.2.4 (including) 6.2.4 (including)
Red Hat Enterprise Linux 2.1 RedHat ImageMagick-0:5.3.8-18 *
Red Hat Enterprise Linux 3 RedHat ImageMagick-0:5.5.6-24 *
Red Hat Enterprise Linux 4 RedHat ImageMagick-0:6.0.7.1-16.0.3 *

References