7.5
CVE-2006-2440
- EPSS 2.86%
- Veröffentlicht 18.05.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:25:00
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Imagemagick ≫ Imagemagick Version6.0.6.2
Imagemagick ≫ Imagemagick Version6.2.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.86% | 0.849 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
http://secunia.com/advisories/24284
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595
http://secunia.com/advisories/21719
http://secunia.com/advisories/24186
http://www.debian.org/security/2006/dsa-1168
http://www.redhat.com/support/errata/RHSA-2007-0015.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9481