[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-3744Date: (C)2006-08-24   (M)2024-02-09


Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1016749
BID-19699
20060901-01-P
SECUNIA-21615
SECUNIA-21621
SECUNIA-21671
SECUNIA-21679
SECUNIA-21719
SECUNIA-21780
SECUNIA-21832
SECUNIA-22036
SECUNIA-22096
OSVDB-28204
ADV-2006-3375
DSA-1168
GLSA-200609-14
MDKSA-2006:155
RHSA-2006:0633
SUSE-SA:2006:050
USN-340-1
http://bugs.gentoo.org/show_bug.cgi?id=144854
https://issues.rpath.com/browse/RPL-605
imagemagick-rasterfile-bo(28574)

CPE    16
cpe:/a:imagemagick:imagemagick:6.2
cpe:/a:imagemagick:imagemagick:6.2.7
cpe:/a:imagemagick:imagemagick:6.2.6
cpe:/a:imagemagick:imagemagick:6.2.5
...
CWE    1
CWE-189
OVAL    2
oval:org.secpod.oval:def:1000398
oval:org.secpod.oval:def:1000390

© SecPod Technologies