Vulnerability Details: CVE-2016-5841
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
Vulnerability category: Overflow, Memory Corruption, Execute code, Denial of service
Products affected by CVE-2016-5841
- cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
- cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-5841
- 12.12%: Probability of exploitation activity in the next 30 days
- ~ 95 %: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-5841
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | |
CWE ids for CVE-2016-5841
- The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-5841
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
  Oracle Solaris Bulletin - July 2016 (Third Party Advisory)
- http://www.openwall.com/lists/oss-security/2016/06/25/3
  oss-security - Re: Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE - ImageMagick (Patch; Third Party Advisory)
- https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1
  Commits · ImageMagick/ImageMagick · GitHub (Patch; Vendor Advisory)
- http://www.openwall.com/lists/oss-security/2016/06/23/1
  oss-security - Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE (Exploit; Patch; Third Party Advisory)
- https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b
  Improve checking of EXIF profile to prevent integer overflow (bug rep… · ImageMagick/ImageMagick@d8ab7f0 · GitHub (Vendor Advisory)
- http://www.securityfocus.com/bid/91394
  ImageMagick Integer Overflow and Information Disclosure Vulnerabilities (Third Party Advisory; VDB Entry)