HTTP: ImageMagick PDF and PostScript Image Ghostscript Command Injection
This signature detects attempts to exploit a known vulnerability against ImageMagick Studio ImageMagick. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Affected Products
Fedoraproject fedora
References
CVE: CVE-2021-3781
Short Name
HTTP:STC:DL:IMG-MGIK-GS-CMD-INJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2021-3781 Command Ghostscript Image ImageMagick Injection PDF PostScript and
Release Date
03/03/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Fedoraproject
Artifex
CVSS Score
9.3