Search Results | AttackerKB

Show filters

Topics 2 Users 9,708

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

2 Total Results

Displaying 1-2 of 2

Attacker Value

High

CVE-2022-44268

Disclosure Date: February 06, 2023 (last updated October 08, 2023)

ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).

Attack Vector: Network Privileges: None User Interaction: Required

1

Attacker Value

Unknown

CVE-2022-44267

Disclosure Date: February 06, 2023 (last updated October 08, 2023)

ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.

Attack Vector: Network Privileges: None User Interaction: Required

0