ImageMagick PDF-parsing flaw allowed attacker to execute shell commands via maliciously crafted image – .:: CHASLES CORP. ::.

ACADEMY

imagemagick-pdf-parsing-flaw-allowed-attacker-to execute-shell-commands-via-maliciously-crafted-image

_ 24 novembre 2020_ Charles Njea_ 0 Comments

ImageMagick PDF-parsing flaw allowed attacker to execute shell commands via maliciously crafted image

Alex Inführ discovered a new shell injection vulnerability related to the parsing of PDF files by ImageMagick while investigating ‘ImageTragick’, a set of vulnerabilities discovered in 2016.

11