CVE-2016-5688 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Imagemagick

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122 — Heap-based Buffer Overflow9 documents8 sources

Severity

8.1HIGHNVD

EPSS

2.2%

top 15.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Imagemagick Oracle Solaris

Timeline

PublishedDec 13

Latest updateMay 17

Description

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages3 packages

▶Debianimagemagick/imagemagick< 8:6.9.6.2+dfsg-2+3

▶NVDimagemagick/imagemagick6.9.4-3+5

▶NVDoracle/solaris11.3

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-2hhc-539m-8qw5: The WPG parser in ImageMagick before 6↗2022-05-17

▶

OSV

CVE-2016-5688: The WPG parser in ImageMagick before 6↗2016-12-13

▶

CVEList

CVE-2016-5688: The WPG parser in ImageMagick before 6↗2016-12-13

▶

📋Vendor Advisories

Ubuntu

ImageMagick vulnerabilities↗2016-11-21

▶

Red Hat

ImageMagick: Heap overflow and random invalid memory writes in WPg parser↗2016-06-14

▶

Debian

CVE-2016-5688: imagemagick - The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memo...↗2016

▶

💬Community

Bugzilla

CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 imagemagick: various flaws [fedora-all]↗2016-06-20

▶

Bugzilla

CVE-2016-5688 ImageMagick: Heap overflow and random invalid memory writes in WPg parser↗2016-06-20

▶