This article is more than 1 year old

ImageMagick hexed again

A security researcher has found yet more security problems on ImageMagick.

Hanno Böck discovered a heap overflow and an out-of-bounds read bug on the site, which is used by many web firms to process images submitted by users. Both flaws have been fixed, allowing Böck to go public with his find, which he uncovered using fuzzing.

News of the latest bugs on the site follows days after server-hijacking holes on the site were discovered by CloudFlare and - much worse - a separate bug that allows images to execute commands on vulnerable systems. ®

More about

TIP US OFF

Send us news