2.6

CVE-2006-4144

Exploit
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ImagemagickImagemagick Version6.0.1
ImagemagickImagemagick Version6.0.2
ImagemagickImagemagick Version6.0.2.5
ImagemagickImagemagick Version6.0.3
ImagemagickImagemagick Version6.0.4
ImagemagickImagemagick Version6.0.5
ImagemagickImagemagick Version6.0.6
ImagemagickImagemagick Version6.0.7
ImagemagickImagemagick Version6.0.8
ImagemagickImagemagick Version6.1
ImagemagickImagemagick Version6.1.1.6
ImagemagickImagemagick Version6.1.2
ImagemagickImagemagick Version6.1.3
ImagemagickImagemagick Version6.1.4
ImagemagickImagemagick Version6.1.5
ImagemagickImagemagick Version6.1.6
ImagemagickImagemagick Version6.1.7
ImagemagickImagemagick Version6.1.8
ImagemagickImagemagick Version6.2
ImagemagickImagemagick Version6.2.0.4
ImagemagickImagemagick Version6.2.0.7
ImagemagickImagemagick Version6.2.1
ImagemagickImagemagick Version6.2.2
ImagemagickImagemagick Version6.2.4
ImagemagickImagemagick Version6.2.4.5
ImagemagickImagemagick Version6.2.5
ImagemagickImagemagick Version6.2.6
ImagemagickImagemagick Version6.2.7
ImagemagickImagemagick Version6.2.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.21% 0.951
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/22998
http://www.debian.org/security/2006/dsa-1213
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
http://secunia.com/advisories/22036
http://secunia.com/advisories/21462
Patch
Vendor Advisory
http://secunia.com/advisories/21525
http://secunia.com/advisories/21621
http://secunia.com/advisories/21671
http://secunia.com/advisories/21679
http://secunia.com/advisories/21832
http://secunia.com/advisories/22096
http://security.gentoo.org/glsa/glsa-200609-14.xml
http://securityreason.com/securityalert/1385
http://securitytracker.com/id?1016699
http://www.mandriva.com/security/advisories?name=MDKSA-2006:155
http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html
http://www.overflow.pl/adv/imsgiheap.txt
Exploit
http://www.redhat.com/support/errata/RHSA-2006-0633.html
http://www.securityfocus.com/archive/1/443208/100/0/threaded
http://www.securityfocus.com/archive/1/443362/100/0/threaded
http://www.securityfocus.com/bid/19507
Exploit
http://www.ubuntu.com/usn/usn-337-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/28372
https://issues.rpath.com/browse/RPL-605
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11129