CVE-2016-3715
MEDIUM severity · CVSS 5.5 · CWE-552 · actively exploited (CISA KEV)
5.5CVSS MEDIUM ● exploited
🔴 Actively exploited in the wild (CISA Known Exploited Vulnerabilities).
Added to KEV 2021-11-03. US federal agencies must patch by 2022-05-03.
Summary
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
Impact & exploitability
Attack vectorLocal
Attack complexityLow
Privileges requiredNone
User interactionRequired
Confidentiality impactNone
Integrity impactHigh
Availability impactNone
Exploit probability (EPSS)89%
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected products we track (2)
Recommendation
This vulnerability is being actively exploited in the wild — patch affected products urgently. Open any affected product above for its exact safe version.
Official patch: http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog ↗
Additional information
- NVD record
- http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLogPatch
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.htmlAdvisory
- http://rhn.redhat.com/errata/RHSA-2016-0726.htmlAdvisory
- http://www.debian.org/security/2016/dsa-3580Advisory