Lucene search

K
nvd[email protected]NVD:CVE-2005-0397
HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0397

2005-05-0204:00:00
web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.066 Low

EPSS

Percentile

93.8%

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications.

Affected configurations

NVD
Node
imagemagickimagemagickMatch5.2
OR
imagemagickimagemagickMatch5.3
OR
imagemagickimagemagickMatch5.4
OR
imagemagickimagemagickMatch5.5

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.066 Low

EPSS

Percentile

93.8%