// For flags

CVE-2006-3743

 

Severity Score

8.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images.

Múltiples vulnerabilidades de desbordamiento de búfer en ImageMagick anterior a 6.2.9 permiten a atacantes con la intervención del usuario ejecutar código de su elección mediante imágenes XCF manipuladas.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-07-20 CVE Reserved
  • 2006-08-25 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-04-13 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (26)
URL Tag Source
http://secunia.com/advisories/22036 Third Party Advisory
http://secunia.com/advisories/22096 Third Party Advisory
http://www.vupen.com/english/advisories/2006/3375 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/28575 Vdb Entry
https://issues.rpath.com/browse/RPL-605 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9895 Signature
URL Date SRC
URL Date SRC
http://bugs.gentoo.org/show_bug.cgi?id=144854 2017-10-11
http://secunia.com/advisories/21615 2017-10-11
http://secunia.com/advisories/21621 2017-10-11
http://secunia.com/advisories/21671 2017-10-11
http://secunia.com/advisories/21679 2017-10-11
http://secunia.com/advisories/21719 2017-10-11
http://secunia.com/advisories/21780 2017-10-11
http://secunia.com/advisories/21832 2017-10-11
http://securitytracker.com/id?1016749 2017-10-11
http://www.debian.org/security/2006/dsa-1168 2017-10-11
http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html 2017-10-11
http://www.osvdb.org/28205 2017-10-11
http://www.redhat.com/support/errata/RHSA-2006-0633.html 2017-10-11
http://www.securityfocus.com/bid/19697 2017-10-11
http://www.ubuntu.com/usn/usn-340-1 2017-10-11
URL Date SRC
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc 2017-10-11
http://security.gentoo.org/glsa/glsa-200609-14.xml 2017-10-11
http://www.mandriva.com/security/advisories?name=MDKSA-2006:155 2017-10-11
https://access.redhat.com/security/cve/CVE-2006-3743 2006-08-24
https://bugzilla.redhat.com/show_bug.cgi?id=1618158 2006-08-24
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.0.4
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.0.4"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.0.7
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.0.7"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.0.8
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.0.8"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.1
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.1"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.1.7
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.1.7"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.2
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.2"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.2.5
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.2.5"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.3
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.3"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.3.6
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.3.6"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.4
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.4"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.4.5
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.4.5"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.5
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.5"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.6
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.6"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.7
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.7"
-
Affected
Imagemagick
Search vendor "Imagemagick"
 Imagemagick
Search vendor "Imagemagick" for product "Imagemagick"
 6.2.8
Search vendor "Imagemagick" for product "Imagemagick" and version "6.2.8"
-
Affected