CVE-2016-5239

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.4-0 GraphicsMagick (affected versions not specified)

Description The issue is related to the gnuplot delegate functionality in ImageMagick and GraphicsMagick, which allows remote attackers to execute arbitrary commands via unspecified vectors. This is due to inadequate access control in the gnuplot component of the console graphic editor.

Recommendations For ImageMagick versions prior to 6.9.4-0, update to version 6.9.4-0 or later to resolve the issue. For GraphicsMagick, at the moment, there is no information about a newer version that contains a fix for this vulnerability.