ImageMagick is prone to multiple security vulnerabilities.

Successfully exploiting these issues may allow an attacker to gain access to sensitive information, bypass certain security restrictions and to perform unauthorized actions or cause a denial-of-service condition. This may aid in launching further attacks. Due to the nature of this issue, code execution may be possible but this has not been confirmed.
ImageMagick version 7.0.8-34 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 108913

Class: Unknown

CVE: CVE-2019-12974
CVE-2019-12975
CVE-2019-12976
CVE-2019-12979
CVE-2019-12977
CVE-2019-12978

Remote: Yes

Local: No

Published: Jun 26 2019 12:00AM

Updated: Jun 26 2019 12:00AM

Credit: The vendor reported this issue.

Vulnerable: ImageMagick ImageMagick 7.0.8-34

Not Vulnerable:

Exploit

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Source