How to Buy
This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
The remote Windows host contains an application that is affected by a
memory corruption vulnerability.
The remote Windows host is running a version of ImageMagick prior to
version 6.7.8-8. It is, therefore, affected by a memory corruption
vulnerability in 'gif.c' while processing GIF comments because a null
character is used to terminate comments. Exploitation of this issue
could result in a denial of service or arbitrary code execution. To fix
this issue, raw memory handling is replaced with a 'ConcatenateString'
See also :
Upgrade to ImageMagick 6.7.8-8 or later.
Note that you may need to manually uninstall the vulnerable version
from the system.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true
Nessus Plugin ID: 70739 ()
Bugtraq ID: 62080
CVE ID: CVE-2013-4298
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.