CVE-2006-2440

Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595	Patch
http://www.debian.org/security/2006/dsa-1168
http://secunia.com/advisories/21719
http://www.redhat.com/support/errata/RHSA-2007-0015.html
http://secunia.com/advisories/24186
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
http://secunia.com/advisories/24284
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9481

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:imagemagick:imagemagick:6.2.4:::::::*
	cpe:2.3:a:imagemagick:imagemagick:6.0.6.2:::::::*

Information

Published : 2006-05-18 03:02

Updated : 2017-10-11 18:29

NVD link : CVE-2006-2440

Mitre link : CVE-2006-2440

JSON object : View

CWE

NVD-CWE-Other

Products Affected

imagemagick

imagemagick

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595", "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.debian.org/security/2006/dsa-1168", "name": "DSA-1168", "tags": [], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/21719", "name": "21719", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0015.html", "name": "RHSA-2007:0015", "tags": [], "refsource": "REDHAT"}, {"url": "http://secunia.com/advisories/24186", "name": "24186", "tags": [], "refsource": "SECUNIA"}, {"url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc", "name": "20070201-01-P", "tags": [], "refsource": "SGI"}, {"url": "http://secunia.com/advisories/24284", "name": "24284", "tags": [], "refsource": "SECUNIA"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9481", "name": "oval:org.mitre.oval:def:9481", "tags": [], "refsource": "OVAL"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-2440", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-05-18T10:02Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:imagemagick:imagemagick:6.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:imagemagick:imagemagick:6.0.6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-10-12T01:29Z"}

7.5 /10