Bugzilla – Bug 177093
VUL-0: imagemagick buffer overflow
Last modified: 2009-10-13 21:59:53 UTC
Heap-based buffer overflow in the libMagick componet of ImageMagick
220.127.116.11 might allow attackers to execute arbitrary code via an image
index array that triggers the overflow during filename glob expansion
by the ExpandFilenames function.
(if this can only be triggered locally, stable fix is sufficient).
We already have this patch, under name ImageMagick-6.2.5-arg-expansion.patch.
It was added togeter with fix for bug #141390
*** This bug has been marked as a duplicate of 141390 ***
CVE-2006-2440: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)