Intrusion Prevention

ImageMagick.Sync.Exif.Profile.Memory.Corruption

Description

This indicates an attack against a Memory Corruption vulnerability has been reported in ImageMagick.
The vulnerability is caused by improper validation of image files. A remote attacker may be able to exploit this to execute arbitrary code on the affected system, via a crafted file.

Affected Products

ImageMagick Studio ImageMagick Prior to commit a7bb158b7bedd1449a34432feb3a67c8f1873bfa

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/ImageMagick/ImageMagick/issues/280

CVE References

CVE-2016-7799