This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote Windows host has an application installed that is affected
by multiple vulnerabilities.
The remote Windows host has a version of ImageMagick installed that is
prior to 7.0.1-1 or 6.x prior to 6.9.3-10. It is, therefore, affected
by the following vulnerabilities :
- A remote code execution vulnerability, known as
ImageTragick, exists due to a failure to properly filter
shell characters in filenames passed to delegate
commands. A remote attacker can exploit this, via
specially crafted images, to inject shell commands and
execute arbitrary code. (CVE-2016-3714)
- An unspecified flaw exists in the 'ephemeral' pseudo
protocol that allows an attacker to delete arbitrary
- An unspecified flaw exists in the 'ms' pseudo protocol
that allows an attacker to move arbitrary files to
arbitrary locations. (CVE-2016-3716)
- An unspecified flaw exists in the 'label' pseudo
protocol that allows an attacker, via a specially
crafted image, to read arbitrary files. (CVE-2016-3717)
- A server-side request forgery (SSRF) vulnerability
exists due to an unspecified flaw related to request
handling between a user and the server. A remote
attacker can exploit this, via an MVG file with a
specially crafted fill element, to bypass access
restrictions and conduct host-based attacks.
See also :
Upgrade to ImageMagick version 7.0.1-1 / 6.9.3-10 or later.
Note that you may need to manually uninstall the vulnerable version
from the system.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true