CVE-2016-8862
Summary
| CVE | CVE-2016-8862 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2017-02-15 19:59:00 UTC |
|---|
| Updated | 2021-04-26 15:32:00 UTC |
|---|
| Description | The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) | agostino's blog |
MISC |
blogs.gentoo.org |
|
| memory allocation failure in AcquireMagickMemory (memory.c) different from #267 · Issue #271 · ImageMagick/ImageMagick · GitHub |
CONFIRM |
github.com |
Patch, Third Party Advisory, VDB Entry |
| oss-security - Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) |
MLIST |
www.openwall.com |
Mailing List, Patch, Third Party Advisory |
| Debian -- Security Information -- DSA-3726-1 imagemagick |
DEBIAN |
www.debian.org |
Third Party Advisory |
| ImageMagick CVE-2016-8862 Memory Corruption Vulnerability |
BID |
www.securityfocus.com |
Third Party Advisory, VDB Entry |
| oss-security - imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862) |
MLIST |
www.openwall.com |
Mailing List, Third Party Advisory |
| 1387135 – (CVE-2016-8862) CVE-2016-8862 ImageMagick: Memory allocation failure in AcquireMagickMemory |
CONFIRM |
bugzilla.redhat.com |
Issue Tracking, Patch |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 690319 Free Berkeley Software Distribution (FreeBSD) Security Update for imagemagick7 (e1f67063-aab4-11e6-b2d3-60a44ce6887b)
