Our corporate IPS recently detected the following:
While you will understand that I can't tell you the exact regular expression for this matching - has anyone else encountered this situation? How serious is it?
BTW, there is no CVE entry for it.
Quote:
The fingerprint HTTP_Imagemagick-Sgi-File-Malformed-BPC-Field-Handling-Buffer-Overflow has matched. Detects buffer overflow exploits against ImageMagick SGI decoder component. A remote attacker can persuade a target user to download a crafted SGI file and open it with the vulnerable product. This causes the vulnerable product to be terminated or executes arbitary code with the privileges of the currently logged in user.
While you will understand that I can't tell you the exact regular expression for this matching - has anyone else encountered this situation? How serious is it?
BTW, there is no CVE entry for it.
_________________
For aliens we're aliens.