1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Web servers and sites under attack via ImageMagick zero-day flaw

Discussion in 'Help Net Security' started by RSS, May 4, 2016.

  1. RSS

    RSS New Member Member

    A zero-day remote code execution flaw has been found in ImageMagick, an image processing library that allows image uploads from untrusted users (site visitors) and is widely used by web services (social media, blogging sites, etc.). The flaw (CVE-2016–3714) is extremely easy to take advantage of – a booby-trapped image file that carries the exploit that will force the ImageMagick software to run malicious code on the server will do the trick. What’s more, it … More →

    Continue reading...

Share This Page