Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2016-7799

Published: 18/01/2017 Updated: 28/04/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

MagickCore/profile.c in ImageMagick prior to 7.0.3-2 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

imagemagick imagemagick

debian debian linux 8.0

Vendor Advisories

Ubuntu Security Notice: imagemagick vulnerabilities
Several security issues were fixed in ImageMagick ...
Debian Security Advisories: DSA-3726-1 imagemagick -- security update
Several issues have been discovered in ImageMagick, a popular set of programs and libraries for image manipulation These issues include several problems in memory handling that can result in a denial of service attack or in execution of arbitrary code by an attacker with control on the image input For the stable distribution (jessie), these probl ...
Red Hat: CVE-2016-7799
MagickCore/profilec in ImageMagick before 703-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file ...
Debian CVElist Bug Report Logs: CVE-2016-7906
Debian Bug report logs - #840435 CVE-2016-7906 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 11 Oct 2016 15:15:04 UTC Severity: grave Tags: patch, security F ...
Debian CVElist Bug Report Logs: CVE-2016-8677: memory allocate failure in AcquireQuantumPixels
Debian Bug report logs - #845206 CVE-2016-8677: memory allocate failure in AcquireQuantumPixels Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 12:57 ...
Debian CVElist Bug Report Logs: Check validity of extend during TIFF file reading
Debian Bug report logs - #845198 Check validity of extend during TIFF file reading Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 11:51:01 UTC Seve ...
Debian CVElist Bug Report Logs: CVE-2016-7799 mogrify global buffer overflow
Debian Bug report logs - #840437 CVE-2016-7799 mogrify global buffer overflow Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 11 Oct 2016 15:21:02 UTC Severity: ...
Debian CVElist Bug Report Logs: mat file out of bound
Debian Bug report logs - #845246 mat file out of bound Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 17:51:04 UTC Severity: grave Tags: patch, sec ...
Debian CVElist Bug Report Logs: CVE-2016-8862: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c)
Debian Bug report logs - #845634 CVE-2016-8862: imagemagick: memory allocation failure in AcquireMagickMemory (memoryc) Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Dat ...
Debian CVElist Bug Report Logs: Fix out of bound read in viff file handling
Debian Bug report logs - #845212 Fix out of bound read in viff file handling Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 14:15:01 UTC Severity: ...
Debian CVElist Bug Report Logs: Suspend exception processing if there are too many exceptions
Debian Bug report logs - #845213 Suspend exception processing if there are too many exceptions Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 14:15: ...
Debian CVElist Bug Report Logs: Check return of write function
Debian Bug report logs - #845196 Check return of write function Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 11:42:01 UTC Severity: important Tag ...
Debian CVElist Bug Report Logs: Imagemagick (jessie and older) buffer overflow
Debian Bug report logs - #845195 Imagemagick (jessie and older) buffer overflow Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 11:30:01 UTC Severit ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2016-9556: Heap buffer overflow in heap-buffer-overflow in IsPixelGray
Debian Bug report logs - #845242 imagemagick: CVE-2016-9556: Heap buffer overflow in heap-buffer-overflow in IsPixelGray Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Dat ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2016-9559: null pointer passed as argument 2, which is declared to never be null
Debian Bug report logs - #845243 imagemagick: CVE-2016-9559: null pointer passed as argument 2, which is declared to never be null Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom ...
Debian CVElist Bug Report Logs: Better check for bufferoverflow for TIFF handling
Debian Bug report logs - #845202 Better check for bufferoverflow for TIFF handling Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 12:39:01 UTC Seve ...
Debian CVElist Bug Report Logs: Add check for invalid mat file
Debian Bug report logs - #845244 Add check for invalid mat file Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 17:48:06 UTC Severity: grave Tags: p ...
Arch Linux Issues:
A buffer over-read vulnerability was found in ImageMagick A malicious file could cause the application to crash ...

References

CWE-125https://github.com/ImageMagick/ImageMagick/issues/280https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfahttp://www.openwall.com/lists/oss-security/2016/10/01/6http://www.openwall.com/lists/oss-security/2016/10/01/4http://www.securityfocus.com/bid/93264https://security.gentoo.org/glsa/201611-21http://www.debian.org/security/2016/dsa-3726https://usn.ubuntu.com/3142-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367CVE-2024-3611CVE-2024-4947CVE-2024-32988CVE-2020-35165local file inclusionCVE-2024-4980bypassmalicious code‎
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook