Astra Linux - уязвимость в imagemagick

ImageMagick versions before 6.9.11-40 and 7.x before 7.0.10-40 mishandle the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized, allowing additional shell commands to be injected through...

NewStart CGSL CORE 5.05 / MAIN 5.05 : ImageMagick Vulnerability (NS-SA-2021-0186)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ImageMagick packages installed that are affected by a vulnerability: - ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF...

Amazon Linux 2 : ImageMagick (ALAS-2021-1596)

The version of ImageMagick installed on the remote host is prior to 6.9.10.68-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1596 advisory. A flaw was found in ImageMagick. The -authenticate option is mishandled allowing user-controlled password set for a PDF fil...

ImageMagick: Shell injection via PDF password could result in arbitrary code execution

A flaw was found in ImageMagick. The -authenticate option is mishandled allowing user-controlled password set for a PDF file to possibly inject additional shell commands via coders/pdf.c. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

Oracle Linux 7 : ImageMagick (ELSA-2021-0024)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-0024 advisory. 6.9.10.68-5 - Adding CTV-2020-29599 fix Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

ImageMagick6 -- multiple vulnerabilities

CVE reports: Several vulnerabilities have been discovered in ImageMagick: CVE-2021-20309: A flaw was found in ImageMagick in versions before 6.9.12, where a division by zero in WaveImage of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an...

CVE-2020-29599

A flaw was found in ImageMagick. The -authenticate option is mishandled allowing user-controlled password set for a PDF file to possibly inject additional shell commands via coders/pdf.c. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

DEBIAN-CVE-2020-29599

ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via...

CVE-2020-29599

ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via...

Default credentials

ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via...

UBUNTU-CVE-2020-29599

ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via...

Imagemagick Studio ImageMagick Security Breach

Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in ImageMagick version 6.9.11-40 and version 7.x and...

PT-2020-6178 · Imagemagick +7 · Imagemagick +7

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 6.9.11-40 and earlier, 7.x versions prior to 7.0.10-40 Description: The issue is related to the -authenticate option in ImageMagick, which is used for setting passwords for password-protected PDF files. The user-controlle...