Published: 14/03/2017 Updated: 04/11/2017

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick prior to 6.9.2-2, as used in ODR-PadEnc and other products, allows malicious users to trigger memory consumption.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick

Debian Bug report logs - #857426 imagemagick: CVE-2016-10252: Memory leak in IsOptionMember function Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Fri, 10 Mar 2017 ...

This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TGA, Sun or PSD files are processed This update also fixes visual artefacts when running -sharpen on CMYK images (no security ...

Memory leak in the IsOptionMember function in MagickCore/optionc in ImageMagick before 692-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption ...

CWE-399 https://github.com/Opendigitalradio/ODR-PadEnc/issues/2 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857426 http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b http://www.debian.org/security/2017/dsa-3808 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857426 https://nvd.nist.gov https://www.debian.org/security/./dsa-3808

CVE-2016-10252

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect