Home

CVE-2016-10049

Description

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.381

Associated Vulnerability

VulnerabilityOS Platform
Vulnerability CVE-2016-10048,CVE-2016-10049,CVE-2016-10050 are affected in Imagemagic (x64) 6.9.4Windows
Vulnerability CVE-2016-10048,CVE-2016-10049,CVE-2016-10050 are affected in Imagemagic 6.9.4Windows
Multiple Vulnerabilities are affected in ImageMagick 6.9.4Windows
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) ImageMagick-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) ImageMagick-debuginfo-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) ImageMagick-debugsource-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagick++-6_Q16-3-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagick++-6_Q16-3-debuginfo-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagickCore-6_Q16-1-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagickCore-6_Q16-1-32bit-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagickCore-6_Q16-1-debuginfo-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagickWand-6_Q16-1-6.8.8.1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0529-1(SUSE Linux Enterprise Desktop 12-SP1 ) libMagickWand-6_Q16-1-debuginfo-6.8.8.1-59.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234