ImageMagick Remote Command Execution Vulnerability & Site Store Pro

ImageMagick Remote Command Execution Vulnerability & Site Store Pro

Last week a vulnerability was discovered in the ImageMagick PHP image processing library that allows remote execution of code on affected Linux servers.

The Site Store Pro shopping cart and web-based admin system are not directly affected by this vulnerability since all our image uploads and image processing are done via the secure admin area. (The new version of Site Store Pro doesn’t even use ImageMagick anymore and now uses the GD graphics library exclusively for image re-sizing.)

However, you may have other applications installed on your server that use the affected versions of ImageMagick.  You should contact your hosting provider or VPS/dedicated server administrator and make sure that your server is correctly patched for this vulnerability.

More info on this critical security issue is available at the following links:

https://blog.sucuri.net/2016/05/imagemagick-remote-command-execution-vulnerability.html

https://in.godaddy.com/help/protect-your-server-from-imagemagick-vulnerability-20329

https://www.us-cert.gov/ncas/current-activity/2016/05/04/ImageMagick-Vulnerability

 


Search SiteStorePro.com

Subscribe To Our Email List