CVE-2006-5868

2006-11-2201:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5868

imagemagick

buffer overflow

sgi image

security vulnerability

6.3 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.023 Low

EPSS

Percentile

89.7%

JSON

Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.

CPENameOperatorVersion
imagemagick:imagemagickimagemagicklt6.0.6.2
imagemagick:imagemagickimagemagicklt6.2.4.5
debian:debian_linuxdebian debian linuxeq3.1
debian:debian_linuxdebian debian linuxeq4.0
canonical:ubuntu_linuxcanonical ubuntu linuxeq6.06
canonical:ubuntu_linuxcanonical ubuntu linuxeq5.10

CPE	Name	Operator	Version
imagemagick:imagemagick	imagemagick	lt	6.0.6.2
imagemagick:imagemagick	imagemagick	lt	6.2.4.5
debian:debian_linux	debian debian linux	eq	3.1
debian:debian_linux	debian debian linux	eq	4.0
canonical:ubuntu_linux	canonical ubuntu linux	eq	6.06
canonical:ubuntu_linux	canonical ubuntu linux	eq	5.10