VDB
CVE-2005-4601
CVE-2005-4601
PUBLISHED
CVSS 7.5 HIGH
The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.
EPSS 11.89% · 93.9th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
11.89%
93.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| imagemagick | imagemagick | 6.2.4.5 |
Exploit Intelligence
- 18607 (circl)
- ADV-2008-0412 (circl)
- 19408 (circl)
- 20061127 rPSA-2006-0218-1 ImageMagick (circl)
- SUSE-SR:2006:006 (circl)
- SSA:2006-045-03 (circl)
- https://issues.rpath.com/browse/RPL-389 (circl)
- DSA-957 (circl)
- MDKSA-2006:024 (circl)
- 22121 (circl)
…and 14 more exploits
Timeline
- Dec 31, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
References
- imagemagick-filename-command-injection(23927) vdb
- 19408 third-party-advisory
- 20061127 rPSA-2006-0218-1 ImageMagick mailing-list
- SUSE-SR:2006:006 vendor-advisory
- SSA:2006-045-03 vendor-advisory
- ADV-2008-0412 vdb
- DSA-957 vendor-advisory
- MDKSA-2006:024 vendor-advisory
- 22121 vdb
- 23090 third-party-advisory
- https://issues.rpath.com/browse/RPL-389 url
- 18607 third-party-advisory
- 231321 vendor-advisory
- 16093 vdb
- USN-246-1 vendor-advisory
- 18871 third-party-advisory
- 28800 third-party-advisory
- oval:org.mitre.oval:def:10353 vdb
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345238 url
- 18261 third-party-advisory
…and 5 more