First published: Thu May 05 2016(Updated: )
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =15.10 | |
Canonical Ubuntu Linux | =16.04 | |
ImageMagick ImageMagick | <=6.9.3-9 | |
ImageMagick ImageMagick | =7.0.0-0 | |
ImageMagick ImageMagick | =7.0.1-0 | |
Redhat Enterprise Linux Desktop | =6.0 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Hpc Node | =6.0 | |
Redhat Enterprise Linux Hpc Node | =7.0 | |
Redhat Enterprise Linux Hpc Node Eus | =7.2 | |
Redhat Enterprise Linux Server | =6.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Server Aus | =7.2 | |
Redhat Enterprise Linux Server Eus | =7.2 | |
Redhat Enterprise Linux Server Supplementary Eus | =6.7z | |
Redhat Enterprise Linux Workstation | =6.0 | |
Redhat Enterprise Linux Workstation | =7.0 | |
Redhat Enterprise Linux Eus | =6.7 | |
Redhat Enterprise Linux Eus | =7.2 | |
Redhat Enterprise Linux Eus | =7.3 | |
Redhat Enterprise Linux Eus | =7.4 | |
Redhat Enterprise Linux Eus | =7.5 | |
Redhat Enterprise Linux Eus | =7.6 | |
Redhat Enterprise Linux Eus | =7.7 | |
Redhat Enterprise Linux For Ibm Z Systems | =6.0_s390x | |
Redhat Enterprise Linux For Ibm Z Systems | =7.0_s390x | |
Redhat Enterprise Linux For Ibm Z Systems Eus | =6.7_s390x | |
Redhat Enterprise Linux For Ibm Z Systems Eus | =7.2_s390x | |
Redhat Enterprise Linux For Ibm Z Systems Eus | =7.3_s390x | |
Redhat Enterprise Linux For Ibm Z Systems Eus | =7.4_s390x | |
Redhat Enterprise Linux For Ibm Z Systems Eus | =7.5_s390x | |
Redhat Enterprise Linux For Ibm Z Systems Eus | =7.6_s390x | |
Redhat Enterprise Linux For Ibm Z Systems Eus | =7.7_s390x | |
Redhat Enterprise Linux For Power Big Endian | =6.0_ppc64 | |
Redhat Enterprise Linux For Power Big Endian | =7.0_ppc64 | |
Redhat Enterprise Linux For Power Big Endian Eus | =6.7_ppc64 | |
Redhat Enterprise Linux For Power Big Endian Eus | =7.2_ppc64 | |
Redhat Enterprise Linux For Power Big Endian Eus | =7.3_ppc64 | |
Redhat Enterprise Linux For Power Big Endian Eus | =7.4_ppc64 | |
Redhat Enterprise Linux For Power Big Endian Eus | =7.5_ppc64 | |
Redhat Enterprise Linux For Power Big Endian Eus | =7.6_ppc64 | |
Redhat Enterprise Linux For Power Big Endian Eus | =7.7_ppc64 | |
Redhat Enterprise Linux For Power Little Endian | =7.0_ppc64le | |
Redhat Enterprise Linux For Power Little Endian Eus | =7.2_ppc64le | |
Redhat Enterprise Linux For Power Little Endian Eus | =7.3_ppc64le | |
Redhat Enterprise Linux For Power Little Endian Eus | =7.4_ppc64le | |
Redhat Enterprise Linux For Power Little Endian Eus | =7.5_ppc64le | |
Redhat Enterprise Linux For Power Little Endian Eus | =7.6_ppc64le | |
Redhat Enterprise Linux For Power Little Endian Eus | =7.7_ppc64le | |
Redhat Enterprise Linux Server Aus | =7.3 | |
Redhat Enterprise Linux Server Aus | =7.4 | |
Redhat Enterprise Linux Server Aus | =7.6 | |
Redhat Enterprise Linux Server Aus | =7.7 | |
Redhat Enterprise Linux Server From Rhui | =6.0 | |
Redhat Enterprise Linux Server From Rhui | =7.0 | |
Redhat Enterprise Linux Server Tus | =7.2 | |
Redhat Enterprise Linux Server Tus | =7.3 | |
Redhat Enterprise Linux Server Tus | =7.6 | |
Redhat Enterprise Linux Server Tus | =7.7 | |
ImageMagick ImageMagick | <6.9.3-10 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Oracle Linux | =6 | |
Oracle Linux | =7 | |
Oracle Solaris | =10 | |
Oracle Solaris | =11.3 | |
SUSE Linux Enterprise Debuginfo | =11-sp2 | |
SUSE Linux Enterprise Debuginfo | =11-sp3 | |
SUSE Linux Enterprise Debuginfo | =11-sp4 | |
SUSE Manager | =2.1 | |
Suse Manager Proxy | =2.1 | |
SUSE OpenStack Cloud | =5 | |
openSUSE Leap | =42.1 | |
openSUSE openSUSE | =13.2 | |
SUSE Linux Enterprise Desktop | =12 | |
SUSE Linux Enterprise Desktop | =12-sp1 | |
SUSE Linux Enterprise Server | =11-sp2 | |
SUSE Linux Enterprise Server | =11-sp3 | |
SUSE Linux Enterprise Server | =11-sp4 | |
SUSE Linux Enterprise Server | =12 | |
SUSE Linux Enterprise Server | =12-sp1 | |
SUSE Linux Enterprise Software Development Kit | =11-sp4 | |
SUSE Linux Enterprise Software Development Kit | =12 | |
SUSE Linux Enterprise Software Development Kit | =12-sp1 | |
Suse Linux Enterprise Workstation Extension | =12 | |
Suse Linux Enterprise Workstation Extension | =12-sp1 | |
ImageMagick ImageMagick | ||
=6.0 | ||
=7.0 | ||
=6.7 | ||
=7.2 | ||
=7.3 | ||
=7.4 | ||
=7.5 | ||
=7.6 | ||
=7.7 | ||
=6.0_s390x | ||
=7.0_s390x | ||
=6.7_s390x | ||
=7.2_s390x | ||
=7.3_s390x | ||
=7.4_s390x | ||
=7.5_s390x | ||
=7.6_s390x | ||
=7.7_s390x | ||
=6.0_ppc64 | ||
=7.0_ppc64 | ||
=6.7_ppc64 | ||
=7.2_ppc64 | ||
=7.3_ppc64 | ||
=7.4_ppc64 | ||
=7.5_ppc64 | ||
=7.6_ppc64 | ||
=7.7_ppc64 | ||
=7.0_ppc64le | ||
=7.2_ppc64le | ||
=7.3_ppc64le | ||
=7.4_ppc64le | ||
=7.5_ppc64le | ||
=7.6_ppc64le | ||
=7.7_ppc64le | ||
=6.0 | ||
=7.0 | ||
=7.2 | ||
=6.0 | ||
=7.0 | ||
=7.2 | ||
=7.3 | ||
=7.4 | ||
=7.6 | ||
=7.7 | ||
=6.0 | ||
=7.0 | ||
=6.7z | ||
=7.2 | ||
=7.3 | ||
=7.6 | ||
=7.7 | ||
=6.0 | ||
=7.0 | ||
<6.9.3-10 | ||
=7.0.0-0 | ||
=7.0.1-0 | ||
=12.04 | ||
=14.04 | ||
=15.10 | ||
=16.04 | ||
=6 | ||
=7 | ||
=10 | ||
=11.3 | ||
=11-sp2 | ||
=11-sp3 | ||
=11-sp4 | ||
=2.1 | ||
=2.1 | ||
=5 | ||
=42.1 | ||
=13.2 | ||
=12 | ||
=12-sp1 | ||
=11-sp2 | ||
=11-sp3 | ||
=11-sp4 | ||
=12 | ||
=12-sp1 | ||
=11-sp4 | ||
=12 | ||
=12-sp1 | ||
=12 | ||
=12-sp1 |
http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.