10
CVSSv2

CVE-2016-5118

Published: 10/06/2016 Updated: 30/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The OpenBlob function in blob.c in GraphicsMagick prior to 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

Vendor Advisories

Bob Friesenhahn from the GraphicsMagick project discovered a command injection vulnerability in ImageMagick, a program suite for image manipulation An attacker with control on input image or the input filename can execute arbitrary commands with the privileges of the user running the application This update removes the possibility of using pipe ...
Debian Bug report logs - #825799 imagemagick: CVE-2016-5118 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 30 May 2016 05:33:01 UTC Severity: grave Tags: patch, secur ...
It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privil ...
Several security issues were fixed in ImageMagick ...
It was discovered that GraphicsMagick did not properly sanitize certain input before using it to invoke processes A remote attacker could create a specially crafted image that, when processed by an application using GraphicsMagick or an unsuspecting user using the GraphicsMagick utilities, would lead to arbitrary execution of shell commands with t ...
Debian Bug report logs - #814732 graphicsmagick: SVG parsing issues (CVE-2016-2317, CVE-2016-2318) Package: src:graphicsmagick; Maintainer for src:graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 14 Feb 2016 19:27:01 UTC Severity: important ...
It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privil ...
Oracle Linux Bulletin - April 2016 Description The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are release ...
Oracle Solaris Third Party Bulletin - July 2016 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical Patch Updat ...

References

CWE-284http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8http://hg.code.sf.net/p/graphicsmagick/code/file/41876934e762/ChangeLoghttp://hg.code.sf.net/p/graphicsmagick/code/rev/ae3928faa858http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00011.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00021.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00030.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00032.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00047.htmlhttp://www.debian.org/security/2016/dsa-3591http://www.debian.org/security/2016/dsa-3746http://www.openwall.com/lists/oss-security/2016/05/29/7http://www.openwall.com/lists/oss-security/2016/05/30/1http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlhttp://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlhttp://www.securityfocus.com/bid/90938http://www.securitytracker.com/id/1035984http://www.securitytracker.com/id/1035985http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.397749http://www.ubuntu.com/usn/USN-2990-1https://access.redhat.com/errata/RHSA-2016:1237https://www.rapid7.com/db/vulnerabilities/suse-cve-2016-5118https://www.debian.org/security/./dsa-3591https://nvd.nist.govhttps://usn.ubuntu.com/2990-1/