Thursday, June 27, 2019

Vuln: ImageMagick Multiple Security Vulnerabilities



ImageMagick is prone to multiple security vulnerabilities.

Successfully exploiting these issues may allow an attacker to gain access to sensitive information, bypass certain security restrictions and to perform unauthorized actions or cause a denial-of-service condition. This may aid in launching further attacks. Due to the nature of this issue, code execution may be possible but this has not been confirmed.

ImageMagick version 7.0.8-34 is vulnerable; other versions may also be affected.
exploit



The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
solution



Solution:
Updates are available. Please see the references or vendor advisory for more information.

info



Bugtraq ID: 108913
Class: Unknown
CVE: CVE-2019-12974
CVE-2019-12975
CVE-2019-12976
CVE-2019-12979
CVE-2019-12977
CVE-2019-12978
Remote: Yes
Local: No
Published: Jun 26 2019 12:00AM
Updated: Jun 26 2019 12:00AM
Credit: The vendor reported this issue.
Vulnerable: ImageMagick ImageMagick 7.0.8-34
Not Vulnerable:
references



from SecurityFocus Vulnerabilities https://ift.tt/2ISKu6P

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.