Vulners
Lucene search
ImageMagick 6.x < 6.9.7-3 ReadPSDLayers() Function PSB File Handling RCE
| Source | Link |
|---|---|
| github | www.github.com/ImageMagick/ImageMagick/issues/347 |
##
# (C) Tenable, Inc.
##
include("compat.inc");
if (description)
{
script_id(96446);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/03/30");
script_name(english:"ImageMagick 6.x < 6.9.7-3 ReadPSDLayers() Function PSB File Handling RCE");
script_summary(english:"Checks the version of ImageMagick.");
script_set_attribute(attribute:"synopsis", value:
"An application installed on the remote Windows host is affected by a
remote code execution vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of ImageMagick installed on the remote Windows host is 6.x
prior to 6.9.7-3. It is, therefore, affected by a remote code
execution vulnerability in the ReadPSDLayers() function in psd.c due
to improper validation of PSB files. An unauthenticated, remote
attacker can exploit this, by convincing a user to open a specially
crafted PSD file, to cause a denial of service condition or the
execution of arbitrary code.");
script_set_attribute(attribute:"see_also", value:"https://github.com/ImageMagick/ImageMagick/issues/347");
script_set_attribute(attribute:"solution", value:
"Upgrade to ImageMagick version 6.9.7-3 or later. Note that you may
also need to manually uninstall the vulnerable version from the
system.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"manual");
script_set_attribute(attribute:"cvss_score_rationale", value:"Manual Analysis of the vulnerability");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/01/07");
script_set_attribute(attribute:"patch_publication_date", value:"2017/01/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/01/12");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:imagemagick:imagemagick");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2017-2026 Tenable Network Security, Inc.");
script_dependencies("imagemagick_installed.nasl");
script_require_keys("installed_sw/ImageMagick");
exit(0);
}
include('vdf.inc');
# @tvdl-content
var vuln_data = {
'metadata': {'spec_version': '1.0'},
'checks': [
{
'check_algorithm': 'default',
'product': {'name': 'ImageMagick', 'type': 'app'},
'constraints': [
{'min_version' : '6.0', 'fixed_version' : '6.9.7.3', 'fixed_display' : '6.9.7-3'}
]
}
]
};
var result = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_HOLE);
vdf::handle_check_and_report_errors(vdf_result:result);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
30 Mar 2026 00:00Current
6Medium risk
Vulners AI Score6