The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-updates/2016-10/msg00094.html | Third Party Advisory |
http://lists.opensuse.org/opensuse-updates/2016-10/msg00097.html | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2016/09/18/8 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/93074 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=1374233 | Issue Tracking |
https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html | Third Party Advisory |
http://lists.opensuse.org/opensuse-updates/2016-10/msg00094.html | Third Party Advisory |
http://lists.opensuse.org/opensuse-updates/2016-10/msg00097.html | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2016/09/18/8 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/93074 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=1374233 | Issue Tracking |
https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html | Third Party Advisory |
Configurations
History
21 Nov 2024, 02:58
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.opensuse.org/opensuse-updates/2016-10/msg00094.html - Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-updates/2016-10/msg00097.html - Third Party Advisory | |
References | () http://www.openwall.com/lists/oss-security/2016/09/18/8 - Mailing List, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/93074 - Third Party Advisory, VDB Entry | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1374233 - Issue Tracking | |
References | () https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html - Third Party Advisory |
Information
Published : 2017-02-06 17:59
Updated : 2024-11-21 02:58
NVD link : CVE-2016-7449
Mitre link : CVE-2016-7449
CVE.ORG link : CVE-2016-7449
JSON object : View
Products Affected
debian
- debian_linux
opensuse
- opensuse
- leap
graphicsmagick
- graphicsmagick
CWE
CWE-125
Out-of-bounds Read