SB2016051806 - OpenSUSE Linux update for GraphicsMagick

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2016051806

SB2016051806 - OpenSUSE Linux update for GraphicsMagick

Published: May 18, 2016 Updated: September 9, 2024

Security Bulletin ID SB2016051806
Severity
Critical
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Critical 25% High 25% Medium 25% Low 25%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2016-3714)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to insufficient filtering for filename passed to delegate's command. A remote attacker can create a specially crafted image containing shell metacharacters, trick the victim into opening it via application using ImageMagick, will trigger an input validation flaw and execute arbitrary shell commands with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

2) Input validation error (CVE-ID: CVE-2016-3715)

The vulnerability allows a remote attacker to delete arbitrary files on the target system.

The weakness exists due to input validation error. A remote attacker can create a specially crafted image, trick the victim into opening it, trigger an error in the ephemeral pseudo-protocol and delete certain files on the affected system.

Successful exploitation of the vulnerability results in deletion of arbitrary files on the vulnerable system.

3) Information disclosure (CVE-ID: CVE-2016-3717)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to the failure to properly prevent the disclosure of file contents when processing certain MVG files. A remote attacker can create a specially crafted image, trick the victim into opening it, generate output files and obtain sensitive information.

Successful exploitation of the vulnerability results in information disclosure on the vulnerable system.

4) Server Side Request Forgery (CVE-ID: CVE-2016-3718)

The vulnerability allows a remote attacker to perform server-side forgery attacks and compromise vulnerable application.

The weakness exists due to the failure to properly prevent the disclosure of file contents when processing certain MVG files. A remote attacker can persuade the victim to open specially crafted images using the .mvg file to trick the victim host into performing HTTP requests or opening FTP sessions.

Successful exploitation of this vulnerability may allow an attacker to perform SSRF attack to retrieve information for further attacks against vulnerable system by performing unauthorized connections to local resources, gain access to sensitive information and compromise vulnerable system.

Remediation

Install update from vendor's website.

References