Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-6491

Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.

Related bugs and status

CVE-2016-6491 (Candidate) is related to these bugs:

Bug #1592861: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak

Summary				In	Importance	Status
	1592861	out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak		imagemagick (Ubuntu)	Medium	Confirmed

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2016072...
MLIST: [oss-security] 2016072...
CONFIRM: http://www.oracle.com/...
CONFIRM: https://github.com/Ima...
CONFIRM: https://github.com/Ima...
BID: 92186
SECTRACK: 1036501
GENTOO: GLSA-201611-21