DokuWiki With ImageMagick Remote Command Execution and Denial of Service Vulnerabilities

DokuWiki With ImageMagick Remote Command Execution and Denial of Service Vulnerabilities

DokuWiki is prone to these vulnerabilities:

- A denial-of-service issue
- An arbitrary-command-execution issue

These issues present themselves when DocuWiki is configured to use ImageMagick.

The denial-of-service issue allows remote attackers to consume excessive CPU resources, denying service to legitimate users. The command-execution issue allows remote attackers to execute arbitrary shell commands with the privileges of the hosting webserver, facilitating a remote compromise of affected computers.

DokuWiki version 2006-03-09 is vulnerable to these issues; other versions may also be affected.