Vulnerabilities > Imagemagick > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-05-18 | CVE-2006-2440 | Remote Security vulnerability in Imagemagick 6.0.6.2/6.2.4 Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function. | 7.5 |
2005-12-31 | CVE-2005-4601 | Remote Command Execution vulnerability in Imagemagick 6.2.4.5 The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command. | 7.5 |
2005-11-16 | CVE-2005-3582 | Packages Insecure RUNPATH vulnerability in Gentoo Linux ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime. | 7.2 |
2005-05-02 | CVE-2005-0762 | Unspecified vulnerability in Imagemagick Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file. | 7.5 |
2005-05-02 | CVE-2005-0397 | Unspecified vulnerability in Imagemagick Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications. | 7.5 |
2005-05-02 | CVE-2005-0005 | Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. | 7.5 |
2004-12-31 | CVE-2004-0817 | BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2 Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. network low complexity enlightenment imagemagick sun conectiva mandrakesoft redhat suse turbolinux ubuntu | 7.5 |
2004-09-16 | CVE-2004-0827 | Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. network low complexity enlightenment imagemagick sun conectiva mandrakesoft redhat suse turbolinux ubuntu | 7.5 |
2003-08-18 | CVE-2003-0555 | Denial-Of-Service vulnerability in Imagemagick 5.4.3 ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability. | 7.5 |