VULHUB ™

ImageMagick is reported prone to a remote format-string vulnerability. Reportedly, this issue arises when the application handles malformed filenames. An attacker can exploit this vulnerability by crafting a malicious file with a name that contains format specifiers and sending the file to an unsuspecting user. Note that there are other attack vectors that may not require user interaction, since the application can be used with custom printing systems and web applications. A successful attack may crash the application or lead to arbitrary code execution. All versions of ImageMagick are considered vulnerable at the moment.

ImageMagick is reported prone to a remote format-string vulnerability. Reportedly, this issue arises when the application handles malformed filenames. An attacker can exploit this vulnerability by crafting a malicious file with a name that contains format specifiers and sending the file to an unsuspecting user. Note that there are other attack vectors that may not require user interaction, since the application can be used with custom printing systems and web applications. A successful attack may crash the application or lead to arbitrary code execution. All versions of ImageMagick are considered vulnerable at the moment.