Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-5842

Опубликовано: 13 дек. 2016
Источник: debian

Описание

MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
imagemagickfixed8:6.9.6.2+dfsg-2package

Примечания

  • Details: https://www.openwall.com/lists/oss-security/2016/06/23/1

  • https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b

  • Reproducer http://bugs.fi/media/afl/imagemagick/CVE-2016-5842.jpg

Связанные уязвимости

ubuntu логотип

CVE-2016-5842

CVSS3: 7.5
ubuntu
около 9 лет назад

MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.

redhat логотип

CVE-2016-5842

CVSS3: 6.2
redhat
больше 9 лет назад

MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.

nvd логотип

CVE-2016-5842

CVSS3: 7.5
nvd
около 9 лет назад

MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.

github логотип

GHSA-vpcg-r56g-2qv7

CVSS3: 7.5
github
больше 3 лет назад

MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.

suse-cvrf логотип

SUSE-SU-2016:1782-1

suse-cvrf
больше 9 лет назад

Security update for ImageMagick