CVE-2016-5118
CRITICALCVSS 9.8/10EPSS 49.33%
Last modified
CVE-2016-5118 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.. EPSS estimates a 49.33% chance of exploitation in the next 30 days.
Description
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Graphicsmagick | Graphicsmagick | <= 1.3.23 | — |
| Suse | Linux Enterprise Debuginfo | 11 | Sp4 |
| Suse | Studio Onsite | 1.3 | — |
| Suse | Linux Enterprise Software Development Kit | 11 | Sp4 |
| Oracle | Solaris | 10 | — |
| Oracle | Solaris | 11.3 | — |
| Oracle | Linux | 6 | — |
| Oracle | Linux | 7 | — |
| Opensuse | Leap | 42.1 | — |
| Opensuse | Opensuse | 13.2 | — |
| Canonical | Ubuntu Linux | 12.04 | — |
| Canonical | Ubuntu Linux | 14.04 | — |
| Canonical | Ubuntu Linux | 15.10 | — |
| Canonical | Ubuntu Linux | 16.04 | — |
| Debian | Debian Linux | 8.0 | — |
| Suse | Linux Enterprise Desktop | 12 | — |
| Suse | Linux Enterprise Desktop | 12.0 | Sp1 |
| Suse | Linux Enterprise Server | 12 | — |
| Suse | Linux Enterprise Server | 12.0 | Sp1 |
| Suse | Linux Enterprise Software Development Kit | 12 | — |
| Suse | Linux Enterprise Software Development Kit | 12.0 | Sp1 |
| Suse | Linux Enterprise Workstation Extension | 12 | — |
| Imagemagick | Imagemagick | < 7.0.1-7 | — |
References
- http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8Broken Link, Vendor Advisory
- http://hg.code.sf.net/p/graphicsmagick/code/file/41876934e762/ChangeLogRelease Notes, Vendor Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00008.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00009.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00011.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00021.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00030.htmlMailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00032.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00047.htmlMailing List, Third Party Advisory
- http://www.debian.org/security/2016/dsa-3591Third Party Advisory
- http://www.debian.org/security/2016/dsa-3746Third Party Advisory
- http://www.openwall.com/lists/oss-security/2016/05/29/7Mailing List, Release Notes
- http://www.openwall.com/lists/oss-security/2016/05/30/1Mailing List, Third Party Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlThird Party Advisory
- http://www.securityfocus.com/bid/90938Broken Link, Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1035984Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1035985Broken Link, Third Party Advisory, VDB Entry
- http://www.ubuntu.com/usn/USN-2990-1Third Party Advisory
- https://access.redhat.com/errata/RHSA-2016:1237Third Party Advisory
- http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8Broken Link, Vendor Advisory
- http://hg.code.sf.net/p/graphicsmagick/code/file/41876934e762/ChangeLogRelease Notes, Vendor Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00008.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00009.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00011.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00021.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00030.htmlMailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00032.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00047.htmlMailing List, Third Party Advisory
- http://www.debian.org/security/2016/dsa-3591Third Party Advisory
- http://www.debian.org/security/2016/dsa-3746Third Party Advisory
- http://www.openwall.com/lists/oss-security/2016/05/29/7Mailing List, Release Notes
- http://www.openwall.com/lists/oss-security/2016/05/30/1Mailing List, Third Party Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlThird Party Advisory
- http://www.securityfocus.com/bid/90938Broken Link, Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1035984Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1035985Broken Link, Third Party Advisory, VDB Entry
- http://www.ubuntu.com/usn/USN-2990-1Third Party Advisory
- https://access.redhat.com/errata/RHSA-2016:1237Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-5118?
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
How severe is CVE-2016-5118?
CVE-2016-5118 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 49.33% probability of exploitation in the next 30 days.
How do I fix CVE-2016-5118?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2016-5118?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST