PT-2017-7720 · Imagemagick+1 · Imagemagick+1

Mateusz Jurczyk

·

Published

2016-06-05

·

Updated

2020-10-14

·

CVE-2016-10066

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.4-5
Description The issue is related to a buffer overflow in the ReadVIFFImage function, located in coders/viff.c. This can be exploited by remote attackers using a crafted file, leading to a denial of service, specifically causing the application to crash.
Recommendations For versions prior to 6.9.4-5, update to version 6.9.4-5 or later to resolve the issue.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

ALT-PU-2016-1580
CVE-2016-10066
DLA-756-1
DSA-3726-1

Affected Products

Alt Linux
Imagemagick