OpenCVE

Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Canonical	Ubuntu Linux
Debian	Debian Linux
Imagemagick	Imagemagick
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:a:imagemagick:imagemagick::::::::
	cpe:2.3:a:imagemagick:imagemagick::::::::

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:3.1:::::::*
	cpe:2.3:o:debian:debian_linux:4.0:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:5.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 2.1
ImageMagick-0:5.3.8-18	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2007:0015	2007-02-15T00:00:00Z
Red Hat Enterprise Linux 3
ImageMagick-0:5.5.6-24	cpe:/o:redhat:enterprise_linux:3	RHSA-2007:0015	2007-02-15T00:00:00Z
Red Hat Enterprise Linux 4
ImageMagick-0:6.0.7.1-16.0.3	cpe:/o:redhat:enterprise_linux:4	RHSA-2007:0015	2007-02-15T00:00:00Z

References

Link	Providers
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
http://secunia.com/advisories/22998
http://secunia.com/advisories/23101
http://secunia.com/advisories/23219
http://secunia.com/advisories/24186
http://secunia.com/advisories/24284
http://www.debian.org/security/2006/dsa-1213
http://www.mandriva.com/security/advisories?name=MDKSA-2006:223
http://www.redhat.com/support/errata/RHSA-2007-0015.html
http://www.securityfocus.com/bid/21185
http://www.ubuntu.com/usn/usn-386-1
https://nvd.nist.gov/vuln/detail/CVE-2006-5868
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10612
https://www.cve.org/CVERecord?id=CVE-2006-5868

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-11-22T01:00:00

Updated: 2024-08-07T20:04:55.601Z

Reserved: 2006-11-14T00:00:00

Link: CVE-2006-5868

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-11-22T01:07:00.000

Modified: 2024-11-21T00:20:53.317

Link: CVE-2006-5868

Redhat

Severity : Moderate

Publid Date: 2006-09-29T00:00:00Z

Links: CVE-2006-5868 - Bugzilla

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object