← ExploitWatch
HomeExploited Vulnerabilities

CVE-2016-3714 — Actively Exploited: ImageMagick (ImageMagick)

ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. This allows a remote attacker to execute arbitrary code via shell metacharacters in a crafted image.

CVE IDCVE-2016-3714
VendorImageMagick
ProductImageMagick
Vulnerability nameImageMagick Improper Input Validation Vulnerability
Date added2024-09-09
Remediation due2024-09-30
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. This allows a remote attacker to execute arbitrary code via shell metacharacters in a crafted image.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →