ImageMagick 'msl' Pseudo Protocol File Moving Vulnerability (CVE-2016-3716)

• Email
• Facebook
• 
  Twitter
• Google+
• Linkedin

  Severity: CRITICAL

  Advisory Date: MAY 31, 2016

---

  DESCRIPTION

It is possible to move image files to file with any extension in any folder on a web server by using ImageMagick's 'msl' pseudo protocol.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1007610