Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: debian
Published: 2006-01-04T23:00:00
Updated: 2024-08-07T16:18:20.755Z
Reserved: 2006-01-04T00:00:00
Link: CVE-2006-0082
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-01-04T23:03:00.000
Modified: 2024-11-21T00:05:36.653
Link: CVE-2006-0082
Redhat