header-logo
Suggest Exploit
vendor:
ImageMagick
by:
SecurityFocus
7.5
CVSS
HIGH
Heap Buffer-Overflow
119
CWE
Product Name: ImageMagick
Affected Version From: 6.x
Affected Version To: 6.2.2008
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

ImageMagick Remote Heap Buffer-Overflow Vulnerability

ImageMagick is prone to a remote heap buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. This issue allows attackers to execute arbitrary machine code in the context of applications that use the ImageMagick library.

Mitigation:

Upgrade to ImageMagick version 6.2.8 or later.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/19507/info

ImageMagick is prone to a remote heap buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

This issue allows attackers to execute arbitrary machine code in the context of applications that use the ImageMagick library.

ImageMagick versions in the 6.x series, up to version 6.2.8, are vulnerable to this issue.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/28383.sgi

Navigation

Suggest Exploit

Services By CQR