CVE-2006-0082

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 6.2.3 and other versions GraphicsMagick (affected versions not specified)

Description: The issue is related to a format string vulnerability in the SetImageInfo function, which can be exploited by user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code. This can be achieved via a numeric format string specifier, such as %d, in the file name.

Recommendations: For ImageMagick version 6.2.3, consider updating to a newer version that addresses this issue. For other affected ImageMagick versions, update to a version that includes the fix for this problem. For GraphicsMagick, at the moment, there is no information about a newer version that contains a fix for this vulnerability.