CVE-2016-10052

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-10052
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10052.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-10052
Downstream
Related
Published
2017-03-23T17:59:00Z
Modified
2025-10-23T13:58:56.259448Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
13267a10845a8dadabed63072b537f050cec6daa
Fixed
9e187b73a8a1290bb0e1a1c878f8be1917aa8742

Affected versions

7.*

7.0.1-0
7.0.1-1
7.0.1-10
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.0.1-7
7.0.1-8
7.0.1-9
7.0.2-0
7.0.2-1
7.0.2-2
7.0.2-3
7.0.2-4
7.0.2-5
7.0.2-6
7.0.2-7

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "function_hash": "89483627372646893280161877103821439769",
            "length": 2731.0
        },
        "target": {
            "function": "WriteProfile",
            "file": "coders/jpeg.c"
        },
        "id": "CVE-2016-10052-13c687ea",
        "source": "https://github.com/imagemagick/imagemagick/commit/13267a10845a8dadabed63072b537f050cec6daa",
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "56253162425445806751265001462817591569",
                "132433403060272297246172142265625644524",
                "5356819118163748134532570151435727124",
                "197503473518008425774069524686615739526",
                "334212436599765243090702753815008909117",
                "127761982813903155632866629117701813149",
                "66870368767365105566205587462762060839",
                "16688268606783051239657333687261079209",
                "236791906238400667519590912992689163496",
                "93071636781764418203473928117278666211",
                "293173508704888306060391319407728935174",
                "268175543057563803639738747044076770706",
                "268036570827673594746855874052669415134",
                "131912113798070893418969902990370204799",
                "270569316663015586546900134358477019477"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "coders/jpeg.c"
        },
        "id": "CVE-2016-10052-3c5fa106",
        "source": "https://github.com/imagemagick/imagemagick/commit/13267a10845a8dadabed63072b537f050cec6daa",
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "function_hash": "260592553904765170044518643276576524292",
            "length": 19360.0
        },
        "target": {
            "function": "WriteJPEGImage",
            "file": "coders/jpeg.c"
        },
        "id": "CVE-2016-10052-68a3ed0e",
        "source": "https://github.com/imagemagick/imagemagick/commit/13267a10845a8dadabed63072b537f050cec6daa",
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "113843996922438976717064988881421579927",
                "58774743768408380779961446878324363023",
                "66870368767365105566205587462762060839",
                "16688268606783051239657333687261079209",
                "236791906238400667519590912992689163496",
                "93071636781764418203473928117278666211",
                "293173508704888306060391319407728935174"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "coders/jpeg.c"
        },
        "id": "CVE-2016-10052-c7d7b927",
        "source": "https://github.com/imagemagick/imagemagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742",
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "function_hash": "4432838161033079885271334110517193327",
            "length": 2731.0
        },
        "target": {
            "function": "WriteProfile",
            "file": "coders/jpeg.c"
        },
        "id": "CVE-2016-10052-ea847e27",
        "source": "https://github.com/imagemagick/imagemagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742",
        "signature_type": "Function"
    }
]

Git / github.com/imagemagick/imagemagick6

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick6
Events
Introduced
0 Unknown introduced commit / All previous commits are affected