Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-8707

Опубликовано: 23 дек. 2016
Источник: debian

Описание

An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
imagemagickfixed8:6.9.7.0+dfsg-2package

Примечания

  • http://www.talosintelligence.com/reports/TALOS-2016-0216/

  • Fixed by: https://github.com/ImageMagick/ImageMagick/commit/e5fd9ab1b70b2edd06de8efb606e04482cb9a2f0 (7.0.3-9)

  • Fixed by: https://github.com/ImageMagick/ImageMagick/commit/fde5f55af94f189f16958535a9c22b439d71ac93 (6.9.6-7)

  • Fixed by: https://github.com/ImageMagick/ImageMagick/commit/e5dc6d628a1c6049dc95adcea5e49aaa7ef2c778 (6.9.6-7)

Связанные уязвимости

ubuntu логотип

CVE-2016-8707

CVSS3: 7.8
ubuntu
около 9 лет назад

An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.

redhat логотип

CVE-2016-8707

CVSS3: 4.9
redhat
около 9 лет назад

An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.

nvd логотип

CVE-2016-8707

CVSS3: 7.8
nvd
около 9 лет назад

An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.

github логотип

GHSA-wfj2-6fr9-gvjh

CVSS3: 7
github
больше 3 лет назад

An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.

suse-cvrf логотип

openSUSE-SU-2017:0023-1

suse-cvrf
около 9 лет назад

Security update for ImageMagick