CVE-2016-3716

moderate-risk

Published 2016-05-05

The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.

Do I need to act?

24.3% chance of exploitation in next 30 days

EPSS score — higher than 76% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

39767

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 3.3/10 Low

LOCAL / LOW complexity

Affected Products (19)

Ubuntu Linux

Imagemagick

Enterprise Linux Desktop

Enterprise Linux Hpc Node

Enterprise Linux Hpc Node Eus

Enterprise Linux Server

Enterprise Linux Server Aus

Enterprise Linux Server Eus

Enterprise Linux Workstation

Imagemagick

Enterprise Linux Desktop

Enterprise Linux Hpc Node

Enterprise Linux Server Supplementary Eus

Affected Vendors

Canonical Imagemagick Redhat

References (36)

Patch http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9...

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html

Third Party Advisory http://rhn.redhat.com/errata/RHSA-2016-0726.html

http://www.debian.org/security/2016/dsa-3580

Exploit http://www.openwall.com/lists/oss-security/2016/05/03/18

http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.h...

http://www.securityfocus.com/archive/1/538378/100/0/threaded

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slack...

Third Party Advisory http://www.ubuntu.com/usn/USN-2990-1

https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html

https://security.gentoo.org/glsa/201611-21

https://www.exploit-db.com/exploits/39767/

Vendor Advisory https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588

Vendor Advisory https://www.imagemagick.org/script/changelog.php

Patch http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9...

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html

and 16 more references

/ 100

moderate-risk

Severity 13/34 · Low

Exploitability 15/34 · Moderate

Exposure 19/34 · Moderate