CVE-2016-7529

Опубликовано: 19 апр. 2017

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.

Ссылки

http://www.openwall.com/lists/oss-security/2016/09/22/2
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/93131
Third Party Advisory
VDB Entry
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539051
Issue Tracking
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539052
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1378761
Issue Tracking
Third Party Advisory
https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c
Patch
https://github.com/ImageMagick/ImageMagick/issues/103
Issue Tracking
Patch
Vendor Advisory
https://github.com/ImageMagick/ImageMagick/issues/104
Issue Tracking
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2016/09/22/2
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/93131
Third Party Advisory
VDB Entry
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539051
Issue Tracking
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539052
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1378761
Issue Tracking
Third Party Advisory
https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c
Patch
https://github.com/ImageMagick/ImageMagick/issues/103
Issue Tracking
Patch
Vendor Advisory
https://github.com/ImageMagick/ImageMagick/issues/104
Issue Tracking
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*

Версия до 6.9.4-0 (исключая)

EPSS

Процентиль: 78%

0.0109

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2016-7529

CVSS3: 6.5

ubuntu

почти 9 лет назад

coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.

CVE-2016-7529

CVSS3: 5.3

redhat

около 10 лет назад

coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.

CVE-2016-7529

CVSS3: 6.5

debian

почти 9 лет назад

coders/xcf.c in ImageMagick allows remote attackers to cause a denial ...

GHSA-pmpp-qwx7-m97w

CVSS3: 6.5

github

больше 3 лет назад

coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.

openSUSE-SU-2016:2644-1

suse-cvrf

больше 9 лет назад

Security update for GraphicsMagick

EPSS

Процентиль: 78%

0.0109

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125