Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-3715

Опубликовано: 03 мая 2016
Источник: redhat
CVSS2: 4.3
EPSS Высокий

Описание

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

It was discovered that certain ImageMagick coders and pseudo-protocols did not properly prevent security sensitive operations when processing specially crafted images. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would allow the attacker to delete arbitrary files.

Меры по смягчению последствий

Details can be found under the resolve tab at https://access.redhat.com/security/vulnerabilities/2296071 Red Hat Enterprise Linux 6 and 7

As a workaround the /etc/ImageMagick/policy.xml file can be edited to disable processing of MVG, HTTPS, HTTP, URL, FTP, EPHEMERAL, MSL, LABEL, TEXT, SHOW, WIN and PLT commands within image files, simply add the following lines: within the policy map stanza: ... Red Hat Enterprise Linux 5

In the following folders: /usr/lib64/ImageMagick-6.2.8/modules-Q16/coders/ (64bit package) or /usr/lib/ImageMagick-6.2.8/modules-Q16/coders/ (32bit package) Rename the following files:

  • mvg.so to mvg.so.bak
  • msl.so to msl.so.bak
  • label.so to label.so.bak

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5ImageMagickNot affected
Red Hat OpenShift Enterprise 2ImageMagickAffected
Red Hat Enterprise Linux 6ImageMagickFixedRHSA-2016:072609.05.2016
Red Hat Enterprise Linux 7ImageMagickFixedRHSA-2016:072609.05.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=1332500ImageMagick: File deletion

EPSS

Процентиль: 99%
0.88973
Высокий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-3715

CVSS3: 5.5
ubuntu
больше 9 лет назад

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

nvd логотип

CVE-2016-3715

CVSS3: 5.5
nvd
больше 9 лет назад

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

debian логотип

CVE-2016-3715

CVSS3: 5.5
debian
больше 9 лет назад

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0. ...

github логотип

GHSA-vmpp-w9w7-m326

CVSS3: 5.5
github
около 3 лет назад

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

fstec логотип

BDU:2016-01573

fstec
больше 9 лет назад

Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю удалить произвольные файлы

EPSS

Процентиль: 99%
0.88973
Высокий

4.3 Medium

CVSS2