CVE-2016-8707
Description
An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagickss convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.137
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerability CVE-2016-7799,CVE-2016-7906,CVE-2016-8677,CVE-2016-8707 are affected in Imagemagic (x64) 7.0.3 | Windows |
| Vulnerability CVE-2016-7799,CVE-2016-7906,CVE-2016-8677,CVE-2016-8707 are affected in Imagemagic 7.0.3 | Windows |
| Multiple Vulnerabilities are affected in ImageMagick 7.0.3 | Windows |
| imagemagick security update(DSA-3799-1) imagemagick_6.8.9.9-5+deb8u7_i386.deb | Linux |
| imagemagick security update(DSA-3799-1) imagemagick_6.8.9.9-5+deb8u7_amd64.deb | Linux |
| imagemagick security update(DSA-3799-1) imagemagick_6.8.9.9-5+deb8u7_kfreebsd-i386.deb | Linux |
| imagemagick security update(DSA-3799-1) imagemagick_6.8.9.9-5+deb8u7_kfreebsd-amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234