CVE-2006-0082

CVSS 5.1 - MEDIUM
Description

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.

Affected Products
1
Vendor Product Version
imagemagick imagemagick 6.2.3
References
ftp://patches.sgi.com/support/free/security/adviso...
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3...
http://rhn.redhat.com/errata/RHSA-2006-0178.html
http://secunia.com/advisories/18261
http://secunia.com/advisories/18607
http://secunia.com/advisories/18851
http://secunia.com/advisories/18871
http://secunia.com/advisories/19030
http://secunia.com/advisories/19183
http://secunia.com/advisories/19408
http://secunia.com/advisories/22998
http://secunia.com/advisories/23090
http://secunia.com/advisories/28800
http://securityreason.com/securityalert/500
http://securitytracker.com/id?1015623
http://slackware.com/security/viewer.php?l=slackwa...
http://sunsolve.sun.com/search/document.do?assetke...
http://www.debian.org/security/2006/dsa-1213
http://www.gentoo.org/security/en/glsa/glsa-200602...
http://www.gentoo.org/security/en/glsa/glsa-200602...
Weakness Types
CWE-134
CVE Information
CVE ID:
CVE-2006-0082
Published:
2006-01-04
Modified:
2026-04-16
CVSS Score:
5.1
Severity:
MEDIUM
Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P
Affected Vendors
imagemagick
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL