Published: 24/03/2017 Updated: 04/11/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

coders/ipl.c in ImageMagick allows remote malicious users to have unspecific impact by leveraging a missing malloc check.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick

Debian Bug report logs - #851485 imagemagick: CVE-2016-10144: ipl file missing malloc check Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIÈS <roucariesbastien+debian@gmailcom> Date: Sun, 15 Jan 2017 1 ...

Several security issues were fixed in ImageMagick ...

This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, IPL, MPC or PSB files are processed For the stable distribution (jessie), these problems have been fixed in version ...

CWE-284 https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851485 http://www.securityfocus.com/bid/95750 http://www.openwall.com/lists/oss-security/2017/01/17/5 http://www.openwall.com/lists/oss-security/2017/01/16/6 https://security.gentoo.org/glsa/201702-09 http://www.debian.org/security/2017/dsa-3799 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851485 https://usn.ubuntu.com/3222-1/https://nvd.nist.gov

CVE-2016-10144

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect