Published: 04/01/2006 Updated: 19/10/2018

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 454

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick 6.2.3

Florian Weimer discovered that the delegate code did not correctly handle file names which embed shell commands (CVE-2005-4601) Daniel Kobras found a format string vulnerability in the SetImageInfo() function (CVE-2006-0082) By tricking a user into processing an image file with a specially crafted file name, these two vulnerabilities could be exp ...

Several remote vulnerabilities have been discovered in Imagemagick, a collection of image manipulation programs, which may lead to the execution of arbitrary code The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-0082 Daniel Kobras discovered that Imagemagick is vulnerable to format string attack ...

Debian Bug report logs - #385062 CVE-2006-3743/-3744: ImageMagick XCF and Sun Rasterfile Buffer Overflows Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Stefan Fritsch &l ...

Debian Bug report logs - #345595 libmagick: array index overflow in DisplayImageCommand Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Eero Häkkinen <eero17@bigfootc ...

Debian Bug report logs - #383314 libmagick9: Buffer overflow in SGI parser [CVE-2006-4144] Package: libmagick9; Maintainer for libmagick9 is (unknown); Reported by: Martin Pitt <martinpitt@ubuntucom> Date: Wed, 16 Aug 2006 14:48:06 UTC Severity: grave Tags: fixed, patch, security Found in versions 6245dfsg1-09, 6:6 ...

Debian Bug report logs - #345238 [CVE-2005-4601] Shell command injection in delegate code (via file names) Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Florian Weimer & ...

Debian Bug report logs - #393025 Buffer overflows in imagemagick Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Stefan Fritsch <sf@sfritschde> Date: Sat, 14 Oct ...

Debian Bug report logs - #345876 [CVE-2006-0082] imagemagick: New format string vulnerability in SetImageInfo() Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Daniel Kob ...

Debian Bug report logs - #410435 imagemagick: Buffer overflow vulnerability in PALM coder (CVE-2007-0770) Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Daniel Kobras &l ...

Get Started

CVE-2006-0082

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect