[Forgot Password]
Login  Register Subscribe

23631

 
 

126359

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Command injection vulnerability in ImageMagick

ID: oval:org.secpod.oval:def:35563Date: (C)2016-06-14   (M)2017-11-15
Class: VULNERABILITYFamily: unix




The host is installed with RHEL 6 or 7 and is prone to a command injection vulnerability. A flaw is present in the application, which fails to properly sanitize certain input before passing it to the gnuplot delegate functionality. Successful exploitation could allow attackers to execute arbitrary code.

Platform:
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Product:
ImageMagick
Reference:
CVE-2016-5239
CVE    1
CVE-2016-5239
CPE    3
cpe:/a:imagemagick:imagemagick
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7

© 2013 SecPod Technologies