logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2016-5118

Description

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.


Affected Software


CPE Name Name Version
graphicsmagick:graphicsmagick graphicsmagick 1.3.23
suse:linux_enterprise_debuginfo suse linux enterprise debuginfo 11
suse:studio_onsite suse studio onsite 1.3
suse:linux_enterprise_software_development_kit suse linux enterprise software development kit 11
oracle:solaris oracle solaris 11.3
oracle:solaris oracle solaris 10
oracle:linux oracle linux 7
oracle:linux oracle linux 6
opensuse:leap opensuse leap 42.1
opensuse:opensuse opensuse 13.2
canonical:ubuntu_linux canonical ubuntu linux 16.04
canonical:ubuntu_linux canonical ubuntu linux 15.10
canonical:ubuntu_linux canonical ubuntu linux 14.04
canonical:ubuntu_linux canonical ubuntu linux 12.04
debian:debian_linux debian debian linux 8.0
novell:suse_linux_enterprise_desktop novell suse linux enterprise desktop 12.0
novell:suse_linux_enterprise_workstation_extension novell suse linux enterprise workstation extension 12.0
novell:suse_linux_enterprise_desktop novell suse linux enterprise desktop 12.0
novell:suse_linux_enterprise_software_development_kit novell suse linux enterprise software development kit 12.0
novell:suse_linux_enterprise_server novell suse linux enterprise server 12.0
novell:suse_linux_enterprise_workstation_extension novell suse linux enterprise workstation extension 12.0
novell:suse_linux_enterprise_server novell suse linux enterprise server 12.0
novell:suse_linux_enterprise_software_development_kit novell suse linux enterprise software development kit 12.0

Related