Vulnerability Details : CVE-2006-2440
Heap-based buffer overflow in the libMagick component of ImageMagick 188.8.131.52 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2006-2440
Probability of exploitation activity in the next 30 days: 1.24%
CVSS scores for CVE-2006-2440
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|
Vendor statements for CVE-2006-2440
Red Hat 2006-09-19Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192278 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/ This issue does not affect Red Hat Enterprise Linux 2.1 or 3.