THREATOPS
THREAT OPSCVEs › CVE-2016-3714

CVE-2016-3714 — ImageMagick Improper Input Validation Vulnerability

CISA KEVExploited: confirmedImageMagick

ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. This allows a remote attacker to execute arbitrary code via shell metacharacters in a crafted image.

Vulnerability details