GraphicsMagick CVE-2017-16353 Information Disclosure Vulnerability



GraphicsMagick is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to obtain sensitive information that may aid in further attacks.

Information

Bugtraq ID: 101653
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-16353

Remote: Yes
Local: No
Published: Nov 01 2017 12:00AM
Updated: Nov 01 2017 12:00AM
Credit: Jeremy Heng (@nn_amon) and Terry Chia (Ayrx).
Vulnerable: GraphicsMagick GraphicsMagick 1.3.26


Not Vulnerable:

Exploit


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.


Related Posts

Comments