Shell injection via PDF password support in ImageMagick 7 #2851
cure53alexander
announced in
Announcements
Replies: 1 comment 2 replies
-
Hi, was this assigned a CVE ID? |
Beta Was this translation helpful? Give feedback.
2 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi all.
I discovered a vulnerability in ImageMagick regarding the handling of the "-authenticate" parameter, which allows to set a password for password protected PDF files.
The user controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands.
I reported this vulnerability to the ImageMagick team and after some back and forth via email, the issue was addressed correctly (given my own understanding of the code and the issue).
I created a blogpost describing the issue more in depth: https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html
I want to thank the IM team to not only adressing this quickly but also allowing me give feedback regarding the ways to address this problem.
cheers,
Alex
Beta Was this translation helpful? Give feedback.
All reactions