Test ID:	1.3.6.1.4.1.25623.1.0.810500
Category:	General
Title:	ImageMagick Information Disclosure And Security Bypass Vulnerabilities - Mac OS X
Summary:	ImageMagick is prone to an information disclosure and security bypass vulnerabilities.
Description:	Summary: ImageMagick is prone to an information disclosure and security bypass vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - The memory leak error in XML file transversal. - The relative path is not escaped while arbitrary module loading. Vulnerability Impact: Successful exploitation will allow attackers to gain access to sensitive information that may aid in further attacks and bypass certain security restrictions to perform unauthorized actions. Affected Software/OS: ImageMagick versions before 6.9.4-7 on Mac OS X. Solution: Upgrade to ImageMagick version 6.9.4-7 or later. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-10047 BugTraq ID: 95182 http://www.securityfocus.com/bid/95182 http://www.openwall.com/lists/oss-security/2016/12/26/9 Common Vulnerability Exposure (CVE) ID: CVE-2016-10048 BugTraq ID: 95186 http://www.securityfocus.com/bid/95186 SuSE Security Announcement: openSUSE-SU-2017:0391 (Google Search) http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html SuSE Security Announcement: openSUSE-SU-2017:0399 (Google Search) http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.