Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2010-4167
HistoryNov 22, 2010 - 12:00 a.m.

CVE-2010-4167

2010-11-2200:00:00
ubuntu.com
ubuntu.com
20

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

EPSS

0

Percentile

10.1%

JSON

Untrusted search path vulnerability in configure.c in ImageMagick before
6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users
to gain privileges via a Trojan horse configuration file in the current
working directory.

Bugs

Notes

Author Note
mdeslaur PoC in debian bug.
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchimagemagick< 7:6.3.7.9.dfsg1-2ubuntu1.2UNKNOWN
ubuntu9.10noarchimagemagick< 7:6.5.1.0-1.1ubuntu3.1UNKNOWN
ubuntu10.04noarchimagemagick< 7:6.5.7.8-1ubuntu1.1UNKNOWN
ubuntu10.10noarchimagemagick< 7:6.6.2.6-1ubuntu1.1UNKNOWN

Related

nessus 13
openvas 17
cve 1
cvelist 1
redhat 2
securityvulns 2
fedora 2
veracode 1
prion 1
debiancve 1
ubuntu 1
nvd 1
oraclelinux 2
amazon 1
centos 1
nessus
nessus
Fedora 13 : ImageMagick-6.5.8.10-7.fc13 (2010-19056)
2010-12-27 00:00:00
RHEL 5 : ImageMagick (RHSA-2012:0301)
2012-02-21 00:00:00
Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : imagemagick vulnerability (USN-1028-1)
2010-12-08 00:00:00
openvas
openvas
Ubuntu Update for imagemagick vulnerability USN-1028-1
2010-12-23 00:00:00
Fedora Update for ImageMagick FEDORA-2010-19056
2010-12-28 00:00:00
RedHat Update for ImageMagick RHSA-2012:0301-03
2012-02-21 00:00:00
cve
cve
CVE-2010-4167
2010-11-22 20:00:03
cvelist
cvelist
CVE-2010-4167
2010-11-22 19:00:00
redhat
redhat
(RHSA-2012:0301) Low: ImageMagick security and bug fix update
2012-02-21 00:00:00
(RHSA-2012:0544) Moderate: ImageMagick security update
2012-05-07 00:00:00
securityvulns
securityvulns
[USN-1028-1] ImageMagick vulnerability
2010-12-09 00:00:00
ImageMagic code execution
2010-12-09 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: ImageMagick-6.5.8.10-7.fc13
2010-12-26 19:55:07
[SECURITY] Fedora 14 Update: ImageMagick-6.6.4.1-15.fc14
2010-12-23 19:56:59
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:51:07
prion
prion
Design/Logic Flaw
2010-11-22 20:00:00
debiancve
debiancve
CVE-2010-4167
2010-11-22 20:00:03
ubuntu
ubuntu
ImageMagick vulnerability
2010-12-07 00:00:00
nvd
nvd
CVE-2010-4167
2010-11-22 20:00:03
oraclelinux
oraclelinux
ImageMagick security and bug fix update
2012-03-01 00:00:00
ImageMagick security update
2012-05-07 00:00:00
amazon
amazon
Medium: ImageMagick
2012-05-08 23:14:00
centos
centos
ImageMagick security update
2012-05-07 22:49:25

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

EPSS

0

Percentile

10.1%

JSON
Related for UB:CVE-2010-4167
nessus13openvas17cve1cvelist1redhat2securityvulns2fedora2veracode1prion1debiancve1ubuntu1nvd1oraclelinux2amazon1centos1