Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:IMAGEMAGICK-COMM-INJ |
|---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
ImageMagick Delegate Command Injection |
Release Date |
2016/06/09 |
Update Number |
2738 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: ImageMagick Delegate Command Injection
This signature detects attempts to exploit a known vulnerability ImageMagick. Attackers can inject code on the target system resulting in full control of the victim's computer.
Extended Description
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
Affected Products
- Canonical ubuntu_linux 12.04
- Canonical ubuntu_linux 14.04
- Canonical ubuntu_linux 15.10
- Canonical ubuntu_linux 16.04
- Debian debian_linux 8.0
- Graphicsmagick graphicsmagick 1.3.23
- Novell suse_linux_enterprise_desktop 12.0
- Novell suse_linux_enterprise_server 12.0
- Novell suse_linux_enterprise_software_development_kit 12.0
- Novell suse_linux_enterprise_workstation_extension 12.0
- Opensuse leap 42.1
- Opensuse opensuse 13.2
- Oracle linux 6
- Oracle linux 7
- Oracle solaris 10
- Oracle solaris 11.3
- Suse linux_enterprise_debuginfo 11
- Suse linux_enterprise_software_development_kit 11
- Suse studio_onsite 1.3
References
- CVE: CVE-2016-3714
- CVE: CVE-2016-5118