CVE-2005-4601

EPSS 11.9%

imagemagick - missing shell meta sanitising

發布日:2005/12/31修改日:2026/4/28

描述

The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.

受影響套件(3)

Debian/graphicsmagickfrom 0, < 1.1.7-1
Debian/imagemagickfrom 0, < 6:6.2.4.5-0.6
Debian/imagemagickfrom 0, < 4:5.4.4.5-1woody8

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-4601