CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
92.9%
Vladimir Nadvornik discovered that the fix for CVE-2006-5456, released
in USN-372-1, did not correctly solve the original flaw in PALM image
handling. By tricking a user into processing a specially crafted image
with an application that uses imagemagick, an attacker could execute
arbitrary code with the user’s privileges.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 6.10 | noarch | libmagick9 | < 7:6.2.4.5.dfsg1-0.10ubuntu0.2 | UNKNOWN |
Ubuntu | 6.06 | noarch | libmagick9 | < 6:6.2.4.5-0.6ubuntu0.5 | UNKNOWN |
Ubuntu | 5.10 | noarch | libmagick6 | < 6:6.2.3.4-1ubuntu1.6 | UNKNOWN |