{"uuid": "62f61e37-4f92-40c3-ab52-0c38e0c457d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44267", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/156", "content": "ImageMagick: The hidden vulnerability behind your online images\n\n\ud83d\udc64 by Bryan Gonzalez\n\nIn a recent APT Simulation engagement, the Ocelot team identified that ImageMagick was used to process images in a Drupal-based website, and hence, the team decided to try to find new vulnerabilities in this component. As a result, two zero days were identified:\n   \u2022 CVE-2022-44267: ImageMagick 7.1.0-49 is vulnerable to Denial of Service. \n   \u2022 CVE-2022-44268: ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary remote file.\n\n\ud83d\udcdd Contents:\n\u25cf Introduction\n    \u2022 How to trigger the exploitation?\n\u25cf CVE-2022-44267: Denial of service\n\u25cf CVE-2022-44268: Arbitrary Remote Leak\n\nOriginal link: https://www.metabaseq.com/imagemagick-zero-days/\n\nTry this link if the previous one isn't working: https://web.archive.org/web/20230201234130/https://www.metabaseq.com/imagemagick-zero-days/", "creation_timestamp": "2023-02-02T07:42:21.000000Z"}