Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-5688

Опубликовано: 13 дек. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 8.1

Описание

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.

РелизСтатусПримечание
devel

released

8:6.8.9.9-7ubuntu10
esm-infra-legacy/trusty

released

8:6.7.7.10-6ubuntu3.2
esm-infra/xenial

released

8:6.8.9.9-7ubuntu5.2
precise

released

8:6.6.9.7-5ubuntu3.5
trusty

released

8:6.7.7.10-6ubuntu3.2
trusty/esm

released

8:6.7.7.10-6ubuntu3.2
upstream

released

8:6.8.9.9-5+deb8u4
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

ignored

end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 84%
0.02244
Низкий

6.8 Medium

CVSS2

8.1 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-5688

redhat
больше 9 лет назад

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.

nvd логотип

CVE-2016-5688

CVSS3: 8.1
nvd
около 9 лет назад

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.

debian логотип

CVE-2016-5688

CVSS3: 8.1
debian
около 9 лет назад

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, w ...

github логотип

GHSA-2hhc-539m-8qw5

CVSS3: 8.1
github
больше 3 лет назад

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.

suse-cvrf логотип

openSUSE-SU-2016:2073-1

suse-cvrf
больше 9 лет назад

Security update for GraphicsMagick

EPSS

Процентиль: 84%
0.02244
Низкий

6.8 Medium

CVSS2

8.1 High

CVSS3