Published: 01/03/2017 Updated: 28/04/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

coders/tiff.c in ImageMagick prior to 7.0.3.7 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a crafted image.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick
debian debian linux 8.0

Debian Bug report logs - #845243 imagemagick: CVE-2016-9559: null pointer passed as argument 2, which is declared to never be null Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom ...

Several issues have been discovered in ImageMagick, a popular set of programs and libraries for image manipulation These issues include several problems in memory handling that can result in a denial of service attack or in execution of arbitrary code by an attacker with control on the image input For the stable distribution (jessie), these probl ...

coders/tiffc in ImageMagick before 7037 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image ...

CWE-476 https://github.com/ImageMagick/ImageMagick/issues/298 https://github.com/ImageMagick/ImageMagick/commit/b61d35eaccc0a7ddeff8a1c3abfcd0a43ccf210b https://blogs.gentoo.org/ago/2016/11/19/imagemagick-null-pointer-must-never-be-null-tiff-c/http://www.openwall.com/lists/oss-security/2016/11/23/4 http://www.openwall.com/lists/oss-security/2016/11/19/7 http://www.securityfocus.com/bid/94489 http://www.debian.org/security/2016/dsa-3726 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845243 https://nvd.nist.gov https://www.debian.org/security/./dsa-3726

CVE-2016-9559

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect