Описание
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 6.2.4.5-0.6ubuntu0.6 |
| devel | released | 6.2.4.5.dfsg1-1ubuntu1 |
| edgy | released | 6.2.4.5.dfsg1-0.10ubuntu0.3 |
| feisty | released | 6.2.4.5.dfsg1-0.14ubuntu0.1 |
| upstream | needs-triage |
Показывать по
5.1 Medium
CVSS2
Связанные уязвимости
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.
Format string vulnerability in the SetImageInfo function in image.c fo ...
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.
5.1 Medium
CVSS2