CVE-2016-5118

Опубликовано: 10 июн. 2016

Источник: debian

EPSS Средний

Описание

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
imagemagick	fixed	8:6.8.9.9-7.1		package
graphicsmagick	fixed	1.3.24-1		package

Примечания

fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ae3928faa858
patch available at https://www.openwall.com/lists/oss-security/2016/05/29/7

EPSS

Процентиль: 97%

0.35422

Средний

Связанные уязвимости

CVE-2016-5118

CVSS3: 9.8

ubuntu

около 9 лет назад

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

CVE-2016-5118

redhat

больше 9 лет назад

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

CVE-2016-5118

CVSS3: 9.8

nvd

около 9 лет назад

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

openSUSE-SU-2016:1653-1

suse-cvrf

около 9 лет назад

Security update for ImageMagick

openSUSE-SU-2016:1521-1

suse-cvrf

около 9 лет назад

Security update for GraphicsMagick

EPSS

Процентиль: 97%

0.35422

Средний