cve/2006/CVE-2006-0082.md

CVE-2006-0082

Description

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.

POC

Reference

• http://securityreason.com/securityalert/500
• http://www.ubuntu.com/usn/usn-246-1

Github

No PoCs found on GitHub currently.