header-logo
Suggest Exploit
vendor:
ImageMagick
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer-Overflow
120
CWE
Product Name: ImageMagick
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2003

ImageMagick Client-Side Buffer-Overflow Vulnerability

ImageMagick is vulnerable to a remotely exploitable client-side buffer-overflow vulnerability. This issue occurs because the application fails to properly validate the length of user-supplied strings before copying them into static process buffers. An attacker may exploit this issue to cause the affected application to crash, potentially destroying unsaved data, ultimately denying service to legitimate users.

Mitigation:

Ensure that user-supplied strings are properly validated before being copied into static process buffers.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13351/info

A remotely exploitable client-side buffer-overflow vulnerability affects ImageMagick. This issue occurs because the application fails to properly validate the length of user-supplied strings before copying them into static process buffers.

An attacker may exploit this issue to cause the affected application to crash, potentially destroying unsaved data, ultimately denying service to legitimate users. 

perl -e 'print "P7\n1\n1 1\n1"' > vuln.pnm

Navigation

Suggest Exploit

Services By CQR