Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2016-7906

Published: 18/01/2017 Updated: 14/10/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Imagemagick

Vulnerability Summary

magick/attribute.c in ImageMagick 7.0.3-2 allows remote malicious users to cause a denial of service (use-after-free) via a crafted file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

imagemagick imagemagick 7.0.3-2

debian debian linux 8.0

Vendor Advisories

Ubuntu Security Notice: imagemagick vulnerabilities
Several security issues were fixed in ImageMagick ...
Debian Security Advisories: DSA-3726-1 imagemagick -- security update
Several issues have been discovered in ImageMagick, a popular set of programs and libraries for image manipulation These issues include several problems in memory handling that can result in a denial of service attack or in execution of arbitrary code by an attacker with control on the image input For the stable distribution (jessie), these probl ...
Debian CVElist Bug Report Logs: Imagemagick (jessie and older) buffer overflow
Debian Bug report logs - #845195 Imagemagick (jessie and older) buffer overflow Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 11:30:01 UTC Severit ...
Debian CVElist Bug Report Logs: Fix out of bound read in viff file handling
Debian Bug report logs - #845212 Fix out of bound read in viff file handling Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 14:15:01 UTC Severity: ...
Debian CVElist Bug Report Logs: Suspend exception processing if there are too many exceptions
Debian Bug report logs - #845213 Suspend exception processing if there are too many exceptions Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 14:15: ...
Debian CVElist Bug Report Logs: Check return of write function
Debian Bug report logs - #845196 Check return of write function Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 11:42:01 UTC Severity: important Tag ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2016-9556: Heap buffer overflow in heap-buffer-overflow in IsPixelGray
Debian Bug report logs - #845242 imagemagick: CVE-2016-9556: Heap buffer overflow in heap-buffer-overflow in IsPixelGray Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Dat ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2016-9559: null pointer passed as argument 2, which is declared to never be null
Debian Bug report logs - #845243 imagemagick: CVE-2016-9559: null pointer passed as argument 2, which is declared to never be null Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom ...
Debian CVElist Bug Report Logs: CVE-2016-7799 mogrify global buffer overflow
Debian Bug report logs - #840437 CVE-2016-7799 mogrify global buffer overflow Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 11 Oct 2016 15:21:02 UTC Severity: ...
Debian CVElist Bug Report Logs: CVE-2016-8862: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c)
Debian Bug report logs - #845634 CVE-2016-8862: imagemagick: memory allocation failure in AcquireMagickMemory (memoryc) Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Dat ...
Debian CVElist Bug Report Logs: CVE-2016-7906
Debian Bug report logs - #840435 CVE-2016-7906 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 11 Oct 2016 15:15:04 UTC Severity: grave Tags: patch, security F ...
Debian CVElist Bug Report Logs: CVE-2016-8677: memory allocate failure in AcquireQuantumPixels
Debian Bug report logs - #845206 CVE-2016-8677: memory allocate failure in AcquireQuantumPixels Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 12:57 ...
Debian CVElist Bug Report Logs: Check validity of extend during TIFF file reading
Debian Bug report logs - #845198 Check validity of extend during TIFF file reading Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 11:51:01 UTC Seve ...
Debian CVElist Bug Report Logs: Better check for bufferoverflow for TIFF handling
Debian Bug report logs - #845202 Better check for bufferoverflow for TIFF handling Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 12:39:01 UTC Seve ...
Debian CVElist Bug Report Logs: mat file out of bound
Debian Bug report logs - #845246 mat file out of bound Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 17:51:04 UTC Severity: grave Tags: patch, sec ...
Debian CVElist Bug Report Logs: Add check for invalid mat file
Debian Bug report logs - #845244 Add check for invalid mat file Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 21 Nov 2016 17:48:06 UTC Severity: grave Tags: p ...
Red Hat: CVE-2016-7906
magick/attributec in ImageMagick 703-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file ...
Arch Linux Issues:
An attacker is able to trigger a use-after-free when providing a crafted image to ImageMagick's mogrify function ...

References

CWE-416https://github.com/ImageMagick/ImageMagick/issues/281http://www.openwall.com/lists/oss-security/2016/10/02/3http://www.openwall.com/lists/oss-security/2016/10/02/1http://www.securityfocus.com/bid/93271https://security.gentoo.org/glsa/201611-21http://www.debian.org/security/2016/dsa-3726https://github.com/ImageMagick/ImageMagick/commit/90406972f108c4da71f998601b06abdc2ac6f06ehttps://usn.ubuntu.com/3142-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook