another ImageMagick vulnerability

By sasiko
May 31, 2016 in Classic self-hosted technical help

Recommended Posts

sasiko

Posted May 31, 2016

- Share

Posted May 31, 2016

http://permalink.gmane.org/gmane.comp.security.oss.general/19669

All existing releases of GraphicsMagick and ImageMagick support a file open syntax where if the first character of the file specification is a '|', then the remainder of the filename is passed to the shell for execution using the POSIX popen(3C) function. File opening is handled by an OpenBlob() function in the source file blob.c. Unlike the vulnerability described by CVE-2016-3714, this functionality is supported by the core file opening function rather than a delegates subsystem usually used to execute external programs.

ImageMagick-7 : http://git.imagemagick.org/repos/Ima...4f0921abc61458
ImageMagick-6 : http://git.imagemagick.org/repos/Ima...fc463b50c2c6b7

Link to comment

Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

Recently Browsing 0 members
- No registered users viewing this page.

Upcoming Events

No upcoming events found
Trending Content
- 2
  
  Database performance issues after upgrading from 4.7.13 to 4.7.16 (getItemsWithPermission)
  
  By TSP
  Started 1 hour ago
- 2
  
  How to hide online Members Block from public?
  
  By VahnPetit
  Started 2 hours ago
- 3
  
  Adding Links in footer area?
  
  By PinPics
  Started 15 hours ago

Invision Community 5: Assign topics to moderators

Invision Community 4: Pages databases in Clubs

Invision Community 5: Live Topic Improvements

Invision Community 5: New Live Community Features

another ImageMagick vulnerability

Recommended Posts

sasiko

Link to comment

Share on other sites

Archived

Recently Browsing 0 members

Upcoming Events

Trending Content

More