CVE-2016-10048
NONE EPSS 93.0%
Published Mar 23, 20179y ago ยท Modified Jun 17, 20262w ago
Published Mar 23, 2017 9y ago
Last Modified Jun 17, 2026 2w ago
Description
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
Threat Intelligence
EPSS Exploit Probability
93.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-22 Path Traversal Resource Mgmt
Affected Products 2
| Vendor | Product | Version | Range |
|---|---|---|---|
| imagemagick | imagemagick | 6.9.4-7 | any |
| opensuse_project | leap | 42.1 | any |
References 6
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html
- openwall.com http://www.openwall.com/lists/oss-security/2016/12/26/9
- securityfocus.com http://www.securityfocus.com/bid/95186
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1410451
- github.com https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb
Remediation
- github.com https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb