CVE-2016-5239 — Improper Access Control in Graphicsmagick
Severity
9.8CRITICALNVD
EPSS
0.9%
top 24.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 15
Latest updateMay 14
Description
The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages5 packages
Patches
🔴Vulnerability Details
2📋Vendor Advisories
2💬Community
1Bugzilla▶
CVE-2016-5239 ImageMagick,GraphicsMagick: Gnuplot delegate vulnerability allowing command injection↗2016-05-09