| Errata ID | 185 |
|---|---|
| Date | 2016-05-27 |
| Source package | imagemagick |
| Fixed in version | 8:6.7.7.10-5.59.201605232004 |
| Description | This update fixes several vulnerabilities in ImageMagick. These vulnerabilities, collectively known as ImageTragick, are the consequence of lack of sanitization of untrusted input. An attacker with control on the image input could, with the privileges of the user running the application, execute code (CVE-2016-3714), make HTTP GET or FTP requests (CVE-2016-3718), or delete (CVE-2016-3715), move (CVE-2016-3716), or read (CVE-2016-3717) local files. |
| Additional notes | |
| CVE ID | CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718 |
| UCS Bug number | #41331 |
