Vulnerability Details : CVE-2016-10049
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2016-10049
- cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-10049
1.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-10049
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2016-10049
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-10049
-
https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710 · ImageMagick/ImageMagick@3e91652 · GitHubIssue Tracking;Patch;Vendor Advisory
-
https://github.com/ImageMagick/ImageMagick/commit/13db820f5e24cd993ee554e99377fea02a904e18
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710 · ImageMagick/ImageMagick@13db820 · GitHubPatch;Vendor Advisory
-
http://www.securityfocus.com/bid/95180
ImageMagick 'coders/rle.c' Remote Buffer Overflow VulnerabilityThird Party Advisory;VDB Entry
-
https://bugzilla.redhat.com/show_bug.cgi?id=1410452
1410452 – (CVE-2016-10049) CVE-2016-10049 ImageMagick: Buffer overflow when reading corrupt RLE filesIssue Tracking;Third Party Advisory
-
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710
Segfault in ReadRLEImage - ImageMagickThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2016/12/26/9
oss-security - Re: CVE requests for various ImageMagick issuesMailing List;Third Party Advisory
Jump to