Home

CVE-2016-10046

Description

Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.42

Associated Vulnerability

VulnerabilityOS Platform
Vulnerability CVE-2016-10046,CVE-2016-5010 are affected in Imagemagic (x64) 6.9.5Windows
Vulnerability CVE-2016-10046,CVE-2016-5010 are affected in Imagemagic 6.9.5Windows
Multiple Vulnerabilities are affected in ImageMagick 6.9.5Windows
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) ImageMagick-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) ImageMagick-debuginfo-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) ImageMagick-debugsource-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagick++-6_Q16-3-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagick++-6_Q16-3-debuginfo-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagickCore-6_Q16-1-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagickCore-6_Q16-1-32bit-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagickCore-6_Q16-1-debuginfo-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagickWand-6_Q16-1-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagickWand-6_Q16-1-debuginfo-6.8.8.1-59.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234