logo
DATABASE RESOURCES PRICING ABOUT US

imagemagick: arbitrary code execution

Description

It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application.


Affected Package


OS OS Version Package Name Package Version
any any imagemagick 6.9.3.10-1

Related