CVE-2014-1947

HIGH

ImageMagick 6.5.4 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-1947.

AI-analyzed exploit summary This Perl script exploits a local buffer overflow (SEH) in ImageMagick < 6.8.8-5 by generating a malformed BMP file and a modified english.xml file. The exploit triggers when the BMP file is opened, executing shellcode via a crafted SEH chain.

Description

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.

Exploits (1)

exploitdb WORKING POC

perllocalwindows

https://www.exploit-db.com/exploits/31688

View Code ZIP pw:eip

This Perl script exploits a local buffer overflow (SEH) in ImageMagick < 6.8.8-5 by generating a malformed BMP file and a modified english.xml file. The exploit triggers when the BMP file is opened, executing shellcode via a crafted SEH chain.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ImageMagick < 6.8.8-5

No auth needed

Prerequisites: Local access to the target system · Ability to replace the english.xml file in the ImageMagick installation directory

MITRE ATT&CK