CVE-2016-3715 vulnerability in Red Hat and Other Products
Published on May 5, 2016
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
Known Exploited Vulnerability
This ImageMagick Ephemeral Coder Arbitrary File Deletion Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
The following remediation steps are recommended / required by May 3, 2022: Apply updates per vendor instructions.
Vulnerability Analysis
CVE-2016-3715 can be exploited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.
Products Associated with CVE-2016-3715
You can be notified by stack.watch whenever vulnerabilities like CVE-2016-3715 are published in these products:
What versions are vulnerable to CVE-2016-3715?
-
Red Hat Enterprise Linux Server Supplementary Eus
Version 6.7z
-
Red Hat Enterprise Linux Desktop
Version 7.0
-
Red Hat Enterprise Linux Server Aus
Version 7.2
-
Red Hat Enterprise Linux Workstation
Version 7.0
-
Red Hat Enterprise Linux Server Tus
Version 7.2
-
Red Hat Enterprise Linux Server
Version 7.0
-
Red Hat Enterprise Linux Hpc Node
Version 6.0
-
Red Hat Enterprise Linux Eus
Version 6.7
-
Red Hat Enterprise Linux Hpc Node
Version 7.0
-
Red Hat Enterprise Linux Desktop
Version 6.0
-
Red Hat Enterprise Linux Hpc Node Eus
Version 7.2
-
Red Hat Enterprise Linux Server
Version 6.0
-
Red Hat Enterprise Linux Workstation
Version 6.0
-
Red Hat Enterprise Linux Server Tus
Version 7.3
-
Red Hat Enterprise Linux Server Aus
Version 7.3
-
Red Hat Enterprise Linux Server Aus
Version 7.4
-
Red Hat Enterprise Linux Eus
Version 7.3
-
Red Hat Enterprise Linux Eus
Version 7.4
-
Red Hat Enterprise Linux Eus
Version 7.5
-
Red Hat Enterprise Linux Server Tus
Version 7.6
-
Red Hat Enterprise Linux Server Aus
Version 7.6
-
Red Hat Enterprise Linux Eus
Version 7.6
-
Red Hat Enterprise Linux Eus
Version 7.2
-
Red Hat Enterprise Linux Server Aus
Version 7.7
-
Red Hat Enterprise Linux Server Tus
Version 7.7
-
Red Hat Enterprise Linux Eus
Version 7.7
-
Red Hat Enterprise Linux Power Big Endian Eus
Version 7.2_ppc64
-
Red Hat Enterprise Linux Power Big Endian Eus
Version 7.3_ppc64
-
Red Hat Enterprise Linux Power Big Endian Eus
Version 7.4_ppc64
-
Red Hat Enterprise Linux Power Big Endian Eus
Version 7.5_ppc64
-
Red Hat Enterprise Linux Power Big Endian Eus
Version 7.6_ppc64
-
Red Hat Enterprise Linux Power Big Endian Eus
Version 7.7_ppc64
-
Red Hat Enterprise Linux Server From Rhui
Version 7.0
-
Red Hat Enterprise Linux Power Big Endian Eus
Version 6.7_ppc64
-
Red Hat Enterprise Linux Server From Rhui
Version 6.0
-
Red Hat Enterprise Linux Power Little Endian
Version 7.0_ppc64le
-
Red Hat Enterprise Linux Power Big Endian
Version 7.0_ppc64
-
Red Hat Enterprise Linux Ibm Z Systems
Version 7.0_s390x
-
Red Hat Enterprise Linux Power Little Endian Eus
Version 7.7_ppc64le
-
Red Hat Enterprise Linux Power Little Endian Eus
Version 7.6_ppc64le
-
Red Hat Enterprise Linux Power Little Endian Eus
Version 7.5_ppc64le
-
Red Hat Enterprise Linux Power Little Endian Eus
Version 7.4_ppc64le
-
Red Hat Enterprise Linux Ibm Z Systems Eus
Version 7.7_s390x
-
Red Hat Enterprise Linux Ibm Z Systems Eus
Version 7.6_s390x
-
Red Hat Enterprise Linux Ibm Z Systems Eus
Version 7.5_s390x
-
Red Hat Enterprise Linux Ibm Z Systems Eus
Version 7.4_s390x
-
Red Hat Enterprise Linux Power Big Endian
Version 6.0_ppc64
-
Red Hat Enterprise Linux Ibm Z Systems
Version 6.0_s390x
-
Red Hat Enterprise Linux Power Little Endian Eus
Version 7.2_ppc64le
-
Red Hat Enterprise Linux Power Little Endian Eus
Version 7.3_ppc64le
-
Red Hat Enterprise Linux Ibm Z Systems Eus
Version 7.3_s390x
-
Red Hat Enterprise Linux Ibm Z Systems Eus
Version 7.2_s390x
-
Red Hat Enterprise Linux Ibm Z Systems Eus
Version 6.7_s390x
-
ImageMagick
Version 7.0.0-0
-
ImageMagick
Version 7.0.1-0
-
ImageMagick
Fixed in Version 6.9.3-10
-
Canonical Ubuntu Linux
Version 12.04
-
Canonical Ubuntu Linux
Version 15.10
-
Canonical Ubuntu Linux
Version 14.04
-
Canonical Ubuntu Linux
Version 16.04
-
Oracle Solaris
Version 11.3
-
Oracle Solaris
Version 10
-
Oracle Linux
Version 6
-
-
Oracle Linux
Version 7
-
-
Suse Linux Enterprise Server
Version 11
sp4
-
Suse Linux Enterprise Debuginfo
Version 11
sp3
-
Suse Openstack Cloud
Version 5
-
Suse Manager Proxy
Version 2.1
-
Suse Linux Enterprise Software Development Kit
Version 12
sp1
-
Suse Linux Enterprise Debuginfo
Version 11
sp2
-
Suse Linux Enterprise Server
Version 11
sp3
-
Suse Manager
Version 2.1
-
Suse Linux Enterprise Server
Version 12
sp1
-
Suse Linux Enterprise Software Development Kit
Version 11
sp4
-
Suse Linux Enterprise Debuginfo
Version 11
sp4
-
Suse Linux Enterprise Server
Version 11
sp2
-
Suse Linux Enterprise Workstation Extension
Version 12
sp1
-
Suse Linux Enterprise Desktop
Version 12
sp1
-
OpenSuse Leap
Version 42.1
-
OpenSuse
Version 13.2
-
Suse Linux Enterprise Server
Version 12
-
-
Suse Linux Enterprise Software Development Kit
Version 12
-
-
Suse Linux Enterprise Desktop
Version 12
-
-
Suse Linux Enterprise Workstation Extension
Version 12
-