CVE-2006-5868

Name: CVE-2006-5868
Creator: NVD / NIST
Published: 2006-11-22T01:07:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.65%

Last modified Jun 16, 2026

CVE-2006-5868 is a vulnerability of currently unknown severity. Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.. EPSS estimates a 2.65% chance of exploitation in the next 30 days.

Description

Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.

Metrics

EPSS Probability

2.65%

83.7th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Imagemagick	Imagemagick	>= 6.0, < 6.0.6.2
Imagemagick	Imagemagick	>= 6.2, < 6.2.4.5
Debian	Debian Linux	3.1
Debian	Debian Linux	4.0
Canonical	Ubuntu Linux	5.10
Canonical	Ubuntu Linux	6.06

References

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.ascBroken Link
http://secunia.com/advisories/22998Third Party Advisory
http://secunia.com/advisories/23101Third Party Advisory
http://secunia.com/advisories/23219Third Party Advisory
http://secunia.com/advisories/24186Third Party Advisory
http://secunia.com/advisories/24284Third Party Advisory
http://www.debian.org/security/2006/dsa-1213Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:223Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0015.htmlThird Party Advisory
http://www.securityfocus.com/bid/21185Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/usn-386-1Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10612Third Party Advisory
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.ascBroken Link
http://secunia.com/advisories/22998Third Party Advisory
http://secunia.com/advisories/23101Third Party Advisory
http://secunia.com/advisories/23219Third Party Advisory
http://secunia.com/advisories/24186Third Party Advisory
http://secunia.com/advisories/24284Third Party Advisory
http://www.debian.org/security/2006/dsa-1213Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:223Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0015.htmlThird Party Advisory
http://www.securityfocus.com/bid/21185Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/usn-386-1Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10612Third Party Advisory

Timeline

Published: Nov 22, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-5868?

Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.

How severe is CVE-2006-5868?

Severity scoring for CVE-2006-5868 is pending analysis. The EPSS model estimates a 2.65% probability of exploitation in the next 30 days.

How do I fix CVE-2006-5868?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-5868?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST