CVE-2005-0397

Published: 02 May 2005

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications.

Priority

Unknown

Status

Package Release Status
graphicsmagick
Launchpad, Ubuntu, Debian
Upstream Needs triage

imagemagick
Launchpad, Ubuntu, Debian
Upstream Needs triage