CVE-2006-0082

EPSS 3.9%

imagemagick

發布日:2006/1/4修改日:2026/4/28

也稱為:DEBIAN-CVE-2006-0082

描述

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.

受影響套件(3)

Debian/imagemagickfrom 0, < 6:6.2.4.5-0.6
Debian/imagemagickfrom 0, < 6:6.0.6.2-2.8
Debian/imagemagickfrom 0, < 6:6.0.6.2-2.8

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-0082