Published: 03/03/2017 Updated: 28/04/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The ReadGROUP4Image function in coders/tiff.c in ImageMagick prior to 7.0.1-10 does not check the return value of the fputc function, which allows remote malicious users to cause a denial of service (crash) via a crafted image file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick

Debian Bug report logs - #845196 Check return of write function Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 11:42:01 UTC Severity: important Tag ...

Debian Bug report logs - #849439 imagemagick: CVE-2016-10062: fwrite issue in ReadGROUP4Image Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 27 Dec 2016 07:45:02 UTC ...

The ReadGROUP4Image function in coders/tiffc in ImageMagick before 701-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file ...

CWE-252 https://github.com/ImageMagick/ImageMagick/issues/196 https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9 https://bugzilla.redhat.com/show_bug.cgi?id=1410471 http://www.securityfocus.com/bid/95207 http://www.openwall.com/lists/oss-security/2016/12/26/9 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845196

CVE-2016-10061

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect