Been a while - I discovered a shell injection in ImageMagick. Fixed in the latest release :) insert-script.blogspot.com/2020/11/imagem… I have no cool name or logo :/
@insertScript Cool finding. I'm looking into this for @DailySwig. Can you summarize the issue you found and its potential impact? Has this issue been addressed and, if so, what do users need to do?
@insertScript ohh I like it! adding fuel to the fire
@insertScript There you go: paulbellamy.com/vulnerability-…
@insertScript Ha ha 😀 cool name = 0x87775432shell exploit, but just a script kiddie.
@insertScript Hi, have you published those image and PDFs with the exploit/PoC code? I would like to try them on the @GlasswallCDR engine to see if it is able to create safe versions of those files
@insertScript Great writeup) Liked the part where you got them to fix buggy code to make it exploitable.. takes patience!
@insertScript Care sharing what happened with ZDI? They just didn't answer?
