Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2017-16669

Published: 09/11/2017 Updated: 27/01/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Graphicsmagick

Vulnerability Summary

coders/wpg.c in GraphicsMagick 1.3.26 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c.

Vulnerable Product Search on Vulmon Subscribe to Product

graphicsmagick graphicsmagick 1.3.26

debian debian linux 7.0

debian debian linux 9.0

debian debian linux 8.0

Vendor Advisories

Ubuntu Security Notice: graphicsmagick vulnerabilities
Several security issues were fixed in GraphicsMagick ...
Amazon Linux AMI: ALAS-2018-966
Memory information disclosure in DescribeImage function in magick/describecGraphicsMagick is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describec file, because of a heap-based buffer over-read The portion of the code containing the vulnerability is responsible for printing the IP ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-16669: Heap buffer over-write in AcquireCacheNexus function in magick/pixel_cache.c
Debian Bug report logs - #881391 graphicsmagick: CVE-2017-16669: Heap buffer over-write in AcquireCacheNexus function in magick/pixel_cachec Package: src:graphicsmagick; Maintainer for src:graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 11 ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11643
Debian Bug report logs - #870157 graphicsmagick: CVE-2017-11643 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11636
Debian Bug report logs - #870149 graphicsmagick: CVE-2017-11636 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11637
Debian Bug report logs - #870153 graphicsmagick: CVE-2017-11637 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11642
Debian Bug report logs - #870156 graphicsmagick: CVE-2017-11642 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11641
Debian Bug report logs - #870155 graphicsmagick: CVE-2017-11641 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11638
Debian Bug report logs - #870154 graphicsmagick: CVE-2017-11638 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...

References

CWE-119https://sourceforge.net/p/graphicsmagick/bugs/450/http://hg.code.sf.net/p/graphicsmagick/code/rev/fcd3ed3394f6http://hg.code.sf.net/p/graphicsmagick/code/rev/e8086faa52d0http://hg.code.sf.net/p/graphicsmagick/code/rev/75245a215fffhttp://hg.code.sf.net/p/graphicsmagick/code/rev/3dc7b4e3779dhttp://hg.code.sf.net/p/graphicsmagick/code/rev/2b7c826d36afhttp://hg.code.sf.net/p/graphicsmagick/code/rev/2a21cda3145bhttp://hg.code.sf.net/p/graphicsmagick/code/rev/1b9e64a8901ehttp://hg.code.sf.net/p/graphicsmagick/code/rev/135bdcb88b8dhttp://www.securityfocus.com/bid/101795https://lists.debian.org/debian-lts-announce/2017/11/msg00013.htmlhttps://lists.debian.org/debian-lts-announce/2018/06/msg00009.htmlhttps://www.debian.org/security/2018/dsa-4321https://usn.ubuntu.com/4248-1/https://usn.ubuntu.com/4248-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook