Launchpad CVE tracker

CVE 2016-3718

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

Related bugs and status

CVE-2016-3718 (Candidate) is related to these bugs:

Bug #1578398: ImageMagick Security Issue: CVE-2016-3714

		In	Importance	Status
1578398	ImageMagick Security Issue: CVE-2016-3714	imagemagick (Ubuntu)	Medium	Fix Released
1578398	ImageMagick Security Issue: CVE-2016-3714	imagemagick (Ubuntu Xenial)	Medium	Fix Released
1578398	ImageMagick Security Issue: CVE-2016-3714	imagemagick (Ubuntu Trusty)	Medium	Fix Released
1578398	ImageMagick Security Issue: CVE-2016-3714	imagemagick (Ubuntu Precise)	Medium	Fix Released
1578398	ImageMagick Security Issue: CVE-2016-3714	imagemagick (Ubuntu Yakkety)	Medium	Fix Released
1578398	ImageMagick Security Issue: CVE-2016-3714	imagemagick (Ubuntu Wily)	Medium	Fix Released
1578398	ImageMagick Security Issue: CVE-2016-3714	imagemagick (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-3718

References