CVE-2006-2440: Buffer Overflow
First published: Thu May 18 2006(Updated: )
Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ImageMagick ImageMagick | =6.0.6.2 | |
| ImageMagick ImageMagick | =6.2.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595
- http://www.debian.org/security/2006/dsa-1168
- http://secunia.com/advisories/21719
- http://www.redhat.com/support/errata/RHSA-2007-0015.html
- http://secunia.com/advisories/24186
- http://secunia.com/advisories/24284
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9481
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/references
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/imagemagick
- canonical/imagemagick imagemagick
- version/imagemagick imagemagick/6.0.6.2
- version/imagemagick imagemagick/6.2.4