Bug 177093

Summary: VUL-0: imagemagick buffer overflow
Product: [openSUSE] SUSE Linux 10.1 Reporter: Marcus Meissner <meissner>
Component: Basesystem Assignee: Vladimir Nadvornik <nadvornik>
Status: RESOLVED DUPLICATE QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: security-team
Version: Final   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: CVE-2006-2440: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Marcus Meissner 2006-05-19 09:14:29 UTC
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2440

Heap-based buffer overflow in the libMagick component of ImageMagick
6.0.6.2 might allow attackers to execute arbitrary code via an image
index array that triggers the overflow during filename glob expansion
by the ExpandFilenames function.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595

(if this can only be triggered locally, stable fix is sufficient).
Comment 1 Vladimir Nadvornik 2006-05-19 09:38:57 UTC
We already have this patch, under the name ImageMagick-6.2.5-arg-expansion.patch.
It was added together with the fix for bug #141390

*** This bug has been marked as a duplicate of 141390 ***
Comment 2 Thomas Biege 2009-10-13 21:59:53 UTC
CVE-2006-2440: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)