CVE-2016-5239

The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors...

Scientific Linux Security Update : ImageMagick on SL6.x, SL7.x i386/x86_64 (20160617)

Security Fixes : - It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick...

ImageMagick,GraphicsMagick: Gnuplot delegate vulnerability allowing command injection

It was discovered that ImageMagick did not properly sanitize certain input before passing it to the gnuplot delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick...

Information disclosure

The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method...

Amazon Linux AMI : ImageMagick (ALAS-2016-699) (ImageTragick)

It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities,...

JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix

The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 6.0.16.25, 6 R1 before SR8 FP25 6.1.8.25, 7 before SR9 FP40 7.0.9.40, 7 R1 before SR3 FP40 7.1.3.40, and 8 before SR3 8.0.3.0 uses the invoke method of the java.lang.reflect.Method class in an...

Scientific Linux Security Update : ImageMagick on SL6.x, SL7.x i386/x86_64 (20160509) (ImageTragick)

Security Fixes : - It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the...

ImageMagick 6.9.3-9 / 7.0.1-0 - 'ImageTragick' Delegate Arbitrary Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ImageMagick Delegate Arbitrary Command Execution', 'Description' = %q This module exploits a shell command injection in the way "delegates" comman...

CVE-2 0 1 6-3 7 1 4 - ImageMagick command to perform the analysis-vulnerability warning-the black bar safety net

ImageMagick is a usage of a very wide image processing program, many manufacturers are calling this a program for image processing, including image scaling, cutting, watermarking, format conversion and more. But recently researchers have found that, when the user of the incoming contains...

CVE-2016-3714

It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities,...

Safemode Gem for Ruby is vulnerable to information disclosure

Safemode is initialised with an optional 'delegate' object. If the delegated object is a Rails controller, 'inspect' could be called which then exposes all informations about the App, including routes, secret tokens, caches and so on...

DeleGate Local User Elevation of Privilege Vulnerability

DeteGate is used in Unix, windows, macOS multi-platform , running in the application layer of a gateway or proxy server. deteGate can support a variety of protocols HTTP, FTP, NNTP, SMTP, POP, IMAP, SOCKET, DNS, etc., it can control the client and routing server side of the Transmission of data...

DeleGate 9.9.13 - Privilege Escalation

Exploit for linux platform in category local exploits Title: Local root vulnerability in DeleGate v9.9.13 Author: Larry W. Cashdollar, @larry0 Date: 2015-12-17 Advisory: http://www.vapidlabs.com/advisory.php?v=159 Download Sites: http://delegate.hpcc.jp/delegate/ http://delegate.org/delegate/...

DeleGate 9.9.13 Local Root

Title: Local root vulnerability in DeleGate v9.9.13 Author: Larry W. Cashdollar, @larry0 Date: 2015-12-17 Advisory: http://www.vapidlabs.com/advisory.php?v=159 Download Sites: http://delegate.hpcc.jp/delegate/ http://delegate.org/delegate/ Vendor: National Institute of Advanced Industrial Science...

DeleGate 9.9.13 - Local Privilege Escalation

DeleGate 9.9.13 - Local Privilege Escalation Title: Local root vulnerability in DeleGate v9.9.13 Author: Larry W. Cashdollar, @larry0 Date: 2015-12-17 Advisory: http://www.vapidlabs.com/advisory.php?v=159 Download Sites: http://delegate.hpcc.jp/delegate/ http://delegate.org/delegate/ Vendor:...

DeleGate 9.9.13 - Local Privilege Escalation

Title: Local root vulnerability in DeleGate v9.9.13 Author: Larry W. Cashdollar, @larry0 Date: 2015-12-17 Advisory: http://www.vapidlabs.com/advisory.php?v=159 Download Sites: http://delegate.hpcc.jp/delegate/ http://delegate.org/delegate/ Vendor: National Institute of Advanced Industrial Science...

WordPress Delegate Theme - Remote Code Execution

There are a bug in this theme, that allows any website visitor to run and see the output of any shortcode. This gives unauthenticated visitors the same power to execute code on the server as regular publishers have. Solution Update the theme...

DeleGate 7.8.x/8.x SSLway Filter Remote Stack Based Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10295/info A remote buffer overflow vulnerability has been reported to affect the DeleGate SSLway filter. This filter is employed when DeleGate is applying SSL to arbitrary protocols. The issue presents itself due to a la...

DeleGate 7.7.1 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3749/info DeleGate is a proxy server which runs on Linux , Unix, Microsoft Windows and OS/2 platforms. It is capable of translating a number of protocolsHTTP, FTP, NNTP, POP, Telnet, etc. between client and server. DeleGa...

ETL Delegate 5.9 .x/6.0 .x Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/808/info The Delegate proxy server from ElectroTechnical Laboratory has numerous several hundred, according to the orignal poster unchecked buffers that could be exploited to remotely compromise the server. / delefate.c...