CVE-2016-7537

Опубликовано: 19 апр. 2017

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.

Ссылки

http://www.openwall.com/lists/oss-security/2016/09/22/2
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/93131
Third Party Advisory
VDB Entry
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1553366
Issue Tracking
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1378773
Issue Tracking
Patch
Third Party Advisory
https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f
Patch
Vendor Advisory
https://github.com/ImageMagick/ImageMagick/commit/6d202a0514fb6a406456b8b728cde776becb25f8
Patch
Third Party Advisory
https://github.com/ImageMagick/ImageMagick/issues/143
Issue Tracking
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2016/09/22/2
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/93131
Third Party Advisory
VDB Entry
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1553366
Issue Tracking
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1378773
Issue Tracking
Patch
Third Party Advisory
https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f
Patch
Vendor Advisory
https://github.com/ImageMagick/ImageMagick/commit/6d202a0514fb6a406456b8b728cde776becb25f8
Patch
Third Party Advisory
https://github.com/ImageMagick/ImageMagick/issues/143
Issue Tracking
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*

Версия до 6.9.4-7 (исключая)

EPSS

Процентиль: 81%

0.0151

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2016-7537

CVSS3: 6.5

ubuntu

почти 9 лет назад

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.

CVE-2016-7537

CVSS3: 4

redhat

почти 10 лет назад

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.

CVE-2016-7537

CVSS3: 6.5

debian

почти 9 лет назад

MagickCore/memory.c in ImageMagick allows remote attackers to cause a ...

GHSA-2xxj-7m67-w75h

CVSS3: 6.5

github

больше 3 лет назад

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.

openSUSE-SU-2016:2644-1

suse-cvrf

больше 9 лет назад

Security update for GraphicsMagick

EPSS

Процентиль: 81%

0.0151

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125