Bug 177093 – VUL-0: imagemagick buffer overflow

Bug 177093 - VUL-0: imagemagick buffer overflow


Summary:	VUL-0: imagemagick buffer overflow

Status:	RESOLVED DUPLICATE of bug 141390

Classification:	openSUSE
Product:	SUSE Linux 10.1
Classification:	openSUSE
Component:	Basesystem
Version:	Final
Hardware:	Other Other

Priority:	P5 - None Severity: Normal (vote)
Target Milestone:	---
Assigned To:	Vladimir Nadvornik
QA Contact:	E-mail List

URL:
Whiteboard:	CVE-2006-2440: CVSS v2 Base Score: 7....
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2006-05-19 09:14 UTC by Marcus Meissner
Modified:	2009-10-13 21:59 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Other
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2006-05-19 09:14:29 UTC

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2440

Heap-based buffer overflow in the libMagick componet of ImageMagick
6.0.6.2 might allow attackers to execute arbitrary code via an image
index array that triggers the overflow during filename glob expansion
by the ExpandFilenames function.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595

(if this can only be triggered locally, stable fix is sufficient).

Comment 1 Vladimir Nadvornik 2006-05-19 09:38:57 UTC

We already have this patch, under name ImageMagick-6.2.5-arg-expansion.patch.
It was added togeter with fix for bug #141390

*** This bug has been marked as a duplicate of 141390 ***

Comment 2 Thomas Biege 2009-10-13 21:59:53 UTC

CVE-2006-2440: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)