CVE-2016-5118
CRITICAL severity · CVSS 9.8
9.8CVSS CRITICAL
Summary
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges requiredNone
User interactionNone
Confidentiality impactHigh
Integrity impactHigh
Availability impactHigh
Exploit probability (EPSS)49%
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products we track (6)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8Advisory
- http://hg.code.sf.net/p/graphicsmagick/code/file/41876934e762/ChangeLogAdvisory
- http://hg.code.sf.net/p/graphicsmagick/code/rev/ae3928faa858
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00008.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00009.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00011.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00021.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00030.htmlAdvisory