6.4 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.04 Low
EPSS
Percentile
92.0%
Vladimir Nadvornik discovered that the fix for CVE-2006-5456, released
in USN-372-1, did not correctly solve the original flaw in PALM image
handling. By tricking a user into processing a specially crafted image
with an application that uses imagemagick, an attacker could execute
arbitrary code with the user’s privileges.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 6.10 | noarch | libmagick9 | <Â 7:6.2.4.5.dfsg1-0.10ubuntu0.2 | UNKNOWN |
Ubuntu | 6.06 | noarch | libmagick9 | <Â 6:6.2.4.5-0.6ubuntu0.5 | UNKNOWN |
Ubuntu | 5.10 | noarch | libmagick6 | <Â 6:6.2.3.4-1ubuntu1.6 | UNKNOWN |