SecurityTracker.com
Category:   Application (Generic)  >   ImageMagick
Vendors:   ImageMagick.org
ImageMagick File Processing Input Validation Flaw Lets Remote Users Read/Move/Delete Arbitrary Files and Execute Arbitrary Commands
SecurityTracker Alert ID:  1035742
SecurityTracker URL:  http://securitytracker.com/id/1035742
CVE Reference:   CVE-2016-3714, CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, CVE-2016-3718
Updated:  May 6 2016
Original Entry Date:  May 4 2016
Impact:   Disclosure of system information, Execution of arbitrary code via network, Host/resource access via network, Modification of system information, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to versions 6.9.3-10, 7.0.1-1
Description:   Several vulnerabilities were reported in ImageMagick. A remote user can cause arbitrary commands to be executed on the target user's system. A remote user can read, move, and delete arbitrary files on the target system.

The software does not properly filter parameters processed by the delegate command. A remote user can create a specially crafted image file that, when processed by the target application using ImageMagick, will trigger an input validation flaw and execute arbitrary shell commands on the target system [CVE-2016-3714]. The code will run with the privileges of the target application.

The MVG, HTTPS, EPHEMERAL, and MSL coders are affected.

Nikolay Ermishkin (Mail.Ru Security Team) and stewie reported this vulnerability.

A remote user can create a specially crafted image file that, when processed by the target application using ImageMagick, will delete arbitrary files on the target system [CVE-2016-3715]. The EPHEMERAL coder is affected.

A remote user can create a specially crafted image file that, when processed by the target application using ImageMagick, will move arbitrary files on the target system [CVE-2016-3716]. The MSL coder is affected.

A remote user can create a specially crafted image file that, when processed by the target application using ImageMagick, will read arbitrary files on the target system [CVE-2016-3717]. The LABEL coder is affected.

A remote user can create a specially crafted image file that, when processed by the target application using ImageMagick, will conduct server-side request forgery attacks [CVE-2016-3718]. The HTTP and FTP coders are affected.

Impact:   A remote user can create content that, when processed by the target application, will read, move, or delete arbitrary files or execute arbitrary code on the target user's system.

A remote user can create content that, when processed by the target application, will conduct server-side request forgery attacks.

Solution:   The vendor plans to issue a fix (6.9.3-10, 7.0.1-1).

The vendor has described a 'policy.xml' configuration as a workaround in their advisory.

The vendor's advisory is available at:

https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
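
As an added example (not from the vendor advisory or from SecurityTracker), the following Python check reads a 'policy.xml' and reports whether each coder named in this alert is disabled. The sample policy is constructed; counting a coder as blocked only when every matching coder entry has rights="none", and matching patterns case-sensitively, are assumptions of this example chosen to err toward flagging.

```python
import fnmatch
import xml.etree.ElementTree as ET

# Coders named in this alert (CVE-2016-3714 through CVE-2016-3718).
ALERT_CODERS = ("MVG", "HTTPS", "EPHEMERAL", "MSL", "LABEL", "HTTP", "FTP")

# Constructed sample policy.xml, not taken from the vendor advisory.
SAMPLE_POLICY = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
  <policy domain="coder" rights="none" pattern="EPHEMERAL"/>
  <policy domain="coder" rights="none" pattern="HTTP*"/>
  <policy domain="coder" rights="none" pattern="MVG"/>
  <policy domain="coder" rights="read" pattern="MSL"/>
  <policy domain="coder" rights="none" pattern="LABEL"/>
  <policy domain="coder" rights="read|write" pattern="LABEL"/>
</policymap>"""


def coder_policies(policy_xml):
    """Return (pattern, rights) for every <policy domain="coder"> entry."""
    entries = []
    for node in ET.fromstring(policy_xml).iter("policy"):
        if node.get("domain", "").strip().lower() != "coder":
            continue  # resource, path, delegate, ... entries are out of scope here
        pattern = node.get("pattern", "").strip()
        if pattern:
            entries.append((pattern, node.get("rights", "").strip().lower()))
    return entries


def audit(policy_xml, coders=ALERT_CODERS):
    """Map each coder to 'blocked', 'allowed' or 'unlisted'."""
    entries = coder_policies(policy_xml)
    report = {}
    for coder in coders:
        # Assumption: glob patterns are compared case-sensitively.
        matched = [r for p, r in entries if fnmatch.fnmatchcase(coder, p)]
        if not matched:
            report[coder] = "unlisted"   # no coder rule covers it
        elif all(r == "none" for r in matched):
            report[coder] = "blocked"    # every matching rule denies all rights
        else:
            report[coder] = "allowed"    # some matching rule grants rights
    return report


if __name__ == "__main__":
    for coder, status in audit(SAMPLE_POLICY).items():
        print(f"{coder:10} {status}")
```

Any coder reported as 'allowed' or 'unlisted' is still reachable through file processing on an unpatched installation and needs either a deny entry or the fixed version.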

Vendor URL:  www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
May 9 2016 (Red Hat Issues Fix) ImageMagick File Processing Input Validation Flaw Lets Remote Users Read/Move/Delete Arbitrary Files and Execute Arbitrary Commands
Red Hat has issued a fix for Red Hat Enterprise Linux 6 and 7.
May 9 2016 (CentOS Issues Fix) ImageMagick File Processing Input Validation Flaw Lets Remote Users Read/Move/Delete Arbitrary Files and Execute Arbitrary Commands
CentOS has issued a fix for CentOS 6 and 7.
Jun 17 2016 (Oracle Issues Fix for Oracle Linux) ImageMagick File Processing Input Validation Flaw Lets Remote Users Read/Move/Delete Arbitrary Files and Execute Arbitrary Commands
Oracle has issued a fix for Oracle Linux 6 and 7.



Copyright 2017, SecurityGlobal.net LLC