Vulnerabilities > CVE-2016-8683 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
graphicsmagick
opensuse
debian
CWE-119
nessus

Summary

The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

Vulnerable Configurations

Part Description Count
Application
Graphicsmagick
1
OS
Opensuse
1
OS
Debian
1

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Nessus

  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1430.NASL
    descriptionThis update for GraphicsMagick fixes the following issues : - a possible shell execution attack was fixed. if the first character of an input filename for
    last seen2020-06-05
    modified2016-12-12
    plugin id95704
    published2016-12-12
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95704
    titleopenSUSE Security Update : GraphicsMagick (openSUSE-2016-1430)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1282.NASL
    descriptionThis update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact. - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123) - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127) - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125) - CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328) - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629) - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422) - CVE-2016-7799: mogrify global buffer overflow (bsc#1002421) - CVE-2016-7540: writing to RGF format aborts (bsc#1000394) - CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715) - CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712) - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711) - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709) - CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708) - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707) - CVE-2016-7532: fix handling of corrupted psd file (bsc#1000706) - CVE-2016-7531: Pbd file out of bound access (bsc#1000704) - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703) - CVE-2016-7529: Out-of-bound in quantum handling (bsc#1000399) - CVE-2016-7528: Out-of-bound access in xcf file coder (bsc#1000434) - CVE-2016-7527: Out-of-bound access in wpg file coder: (bsc#1000436) - CVE-2016-7526: out-of-bounds write in ./MagickCore/pixel-accessor.h (bsc#1000702) - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701) - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700) - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699) - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698) - CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697) - CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696) - CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695) - CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694) - CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693) - CVE-2016-7516: Out-of-bounds problem in rle, pict, viff and sun files (bsc#1000692) - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689) - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688) - CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686) - CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221) - CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066) - CVE-2015-8959: dOS due to corrupted DDS files (bsc#1000713) - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691) - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690) - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714) - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209) - Divide by zero in WriteTIFFImage (bsc#1002206) This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2016-11-14
    plugin id94754
    published2016-11-14
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/94754
    titleopenSUSE Security Update : ImageMagick (openSUSE-2016-1282)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1229.NASL
    descriptionThis update for GraphicsMagick fixes the following issues : - security update : - CVE-2016-8684 [boo#1005123] - CVE-2016-8682 [boo#1005125] - CVE-2016-8683 [boo#1005127] - security update : - CVE-2016-7529 [boo#1000399] - CVE-2016-7528 [boo#1000434] - CVE-2016-7515 [boo#1000689] - CVE-2016-7446 [boo#999673] - CVE-2016-7447 [boo#999673] - CVE-2016-7448 [boo#999673] - CVE-2016-7449 [boo#999673] - CVE-2016-7517 [boo#1000693] - CVE-2016-7519 [boo#1000695] - CVE-2016-7522 [boo#1000698] - CVE-2016-7524 [boo#1000700] - CVE-2016-7531 [boo#1000704] - CVE-2016-7533 [boo#1000707] - CVE-2016-7537 [boo#1000711] - CVE-2016-6823 [boo#1001066] - CVE-2016-7101 [boo#1001221] - do not divide by zero in WriteTIFFImage [boo#1002206] - fix buffer overflow [boo#1002209] - CVE-2016-7800 [boo#1002422] - CVE-2016-7996, CVE-2016-7997 [boo#1003629]
    last seen2020-06-05
    modified2016-10-27
    plugin id94304
    published2016-10-27
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/94304
    titleopenSUSE Security Update : GraphicsMagick (openSUSE-2016-1229)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3746.NASL
    descriptionSeveral vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tool, which can cause denial of service attacks, remote file deletion, and remote command execution. This security update removes the full support of PLT/Gnuplot decoder to prevent Gnuplot-shell based shell exploits for fixing the CVE-2016-3714 vulnerability. The undocumented
    last seen2020-06-01
    modified2020-06-02
    plugin id96103
    published2016-12-27
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96103
    titleDebian DSA-3746-1 : graphicsmagick - security update (ImageTragick)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2667-1.NASL
    descriptionThis update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact. - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123) - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127) - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125) - CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328) - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629) - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422) - CVE-2016-7799: mogrify global buffer overflow (bsc#1002421) - CVE-2016-7540: writing to RGF format aborts (bsc#1000394) - CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715) - CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712) - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711) - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709) - CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708) - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707) - CVE-2016-7532: fix handling of corrupted psd file (bsc#1000706) - CVE-2016-7531: Pbd file out of bound access (bsc#1000704) - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703) - CVE-2016-7529: Out-of-bound in quantum handling (bsc#1000399) - CVE-2016-7528: Out-of-bound access in xcf file coder (bsc#1000434) - CVE-2016-7527: Out-of-bound access in wpg file coder: (bsc#1000436) - CVE-2016-7526: out-of-bounds write in ./MagickCore/pixel-accessor.h (bsc#1000702) - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701) - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700) - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699) - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698) - CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697) - CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696) - CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695) - CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694) - CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693) - CVE-2016-7516: Out-of-bounds problem in rle, pict, viff and sun files (bsc#1000692) - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689) - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688) - CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686) - CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221) - CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066) - CVE-2015-8959: dOS due to corrupted DDS files (bsc#1000713) - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691) - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690) - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714) - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209) - Divide by zero in WriteTIFFImage (bsc#1002206) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id94433
    published2016-10-31
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94433
    titleSUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2016:2667-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2964-1.NASL
    descriptionThis update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact. - CVE-2016-8862: Memory allocation failure in AcquireMagickMemory (bsc#1007245) - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714) - CVE-2015-8959: DOS due to corrupted DDS files (bsc#1000713) - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711) - CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066) - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688) - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689) - CVE-2016-7529: out of bound in quantum handling (bsc#1000399) - CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221) - CVE-2016-7527: out of bound access in wpg file coder: (bsc#1000436) - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629) - CVE-2016-7528: out of bound access in xcf file coder (bsc#1000434) - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127) - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125) - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123) - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209) - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701) - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700) - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703) - CVE-2016-7531: Pbd file out of bound access (bsc#1000704) - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707) - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709) - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698) - CVE-2016-7517: out-of-bounds read in coders/pict.c (bsc#1000693) - CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files (bsc#1000692) - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691) - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690) - CVE-2016-7519: out-of-bounds read in coders/rle.c (bsc#1000695) - CVE-2016-7518: out-of-bounds read in coders/sun.c (bsc#1000694) - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422) - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699) - CVE-2016-7799: mogrify global buffer overflow (bsc#1002421) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id95453
    published2016-12-01
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95453
    titleSUSE SLES11 Security Update : ImageMagick (SUSE-SU-2016:2964-1)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-683.NASL
    descriptionSeveral vulnerabilities have been found in the graphicsmagick package that may lead to denial of service through failed assertions, CPU or memory usage. Some vulnerabilities may also lead to code execution but no exploit is currently known. CVE-2016-7448 Utah RLE: Reject truncated/absurd files which caused huge memory allocations and/or consumed huge CPU CVE-2016-7996 missing check that the provided colormap is not larger than 256 entries resulting in potential heap overflow CVE-2016-7997 denial of service via a crash due to an assertion CVE-2016-8682 stack-based buffer overflow in ReadSCTImage (sct.c) CVE-2016-8683 memory allocation failure in ReadPCXImage (pcx.c) CVE-2016-8684 memory allocation failure in MagickMalloc (memory.c) For Debian 7
    last seen2020-03-17
    modified2016-10-27
    plugin id94297
    published2016-10-27
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/94297
    titleDebian DLA-683-1 : graphicsmagick security update
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1242.NASL
    descriptionThis update for ImageMagick fixes the following issues : - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123) - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127) - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125) - CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328) - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629) - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422) - CVE-2016-7799: Mogrify global buffer overflow (bsc#1002421) - CVE-2016-7540: Writing to RGF format aborts (bsc#1000394) - CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715) - CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712) - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711) - CVE-2016-7536: SEGV reported in corrupted profile handling (bsc#1000710) - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709) - CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708) - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707) - CVE-2016-7532: Fix handling of corrupted psd file (bsc#1000706) - CVE-2016-7531: Pbd file out of bound access (bsc#1000704) - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703) - CVE-2016-7529: Out of bound in quantum handling (bsc#1000399) - CVE-2016-7528: Out of bound access in xcf file coder (bsc#1000434) - CVE-2016-7527: Out of bound access in wpg file coder: (bsc#1000436) - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701) - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700) - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699) - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698) - CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697) - CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696) - CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695) - CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694) - CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693) - CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files (bsc#1000692) - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689) - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688) - CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686) - CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221) - CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066) - CVE-2015-8959: DOS due to corrupted DDS files (bsc#1000713) - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691) - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690) - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714) - Divide by zero in WriteTIFFImage (bsc#1002206) - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)
    last seen2020-06-05
    modified2016-10-31
    plugin id94425
    published2016-10-31
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/94425
    titleopenSUSE Security Update : ImageMagick (openSUSE-2016-1242)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2017-820.NASL
    descriptionThe QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.(CVE-2017-6335) The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.(CVE-2016-7997) Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries. (CVE-2016-7996 ) The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a
    last seen2020-06-01
    modified2020-06-02
    plugin id99533
    published2017-04-21
    reporterThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/99533
    titleAmazon Linux AMI : GraphicsMagick (ALAS-2017-820)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1230.NASL
    descriptionThis update for GraphicsMagick fixes the following issues : - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123) - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127) - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125) - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629) - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422) - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711) - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707) - CVE-2016-7531: Pbd file out of bound access (bsc#1000704) - CVE-2016-7529: out of bound in quantum handling (bsc#1000399) - CVE-2016-7528: Out of bound access in xcf file coder (bsc#1000434) - CVE-2016-7527: out of bound access in wpg file coder: (bsc#1000436) - CVE-2016-7526: out-of-bounds write in ./MagickCore/pixel-accessor.h (bsc#1000702) - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700) - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698) - CVE-2016-7519: out-of-bounds read in coders/rle.c (bsc#1000695) - CVE-2016-7517: out-of-bounds read in coders/pict.c (bsc#1000693) - CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files (bsc#1000692) - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689) - CVE-2016-7446 CVE-2016-7447 CVE-2016-7448 CVE-2016-7449: various issues fixed in 1.3.25 (bsc#999673) - CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221) - CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066) - CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442) - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691) - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690) - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209) - Divide by zero in WriteTIFFImage (bsc#1002206)
    last seen2020-06-05
    modified2016-10-27
    plugin id94305
    published2016-10-27
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/94305
    titleopenSUSE Security Update : GraphicsMagick (openSUSE-2016-1230)