CVE-2016-10064

Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type: GIT
Repo: https://github.com/imagemagick/imagemagick
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

63302366a63602acbaad5c8223a105811b2adddd

Fixed

f8877abac8e568b2f339cca70c2c3c1b6eaec288

Affected versions

7.*

7.0.1-0

7.0.1-1

7.0.1-10

7.0.1-2

7.0.1-3

7.0.1-4

7.0.1-5

7.0.1-6

7.0.1-7

7.0.1-8

7.0.1-9

7.0.2-0

7.0.2-1

7.0.2-2

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "target": {
            "file": "coders/tiff.c"
        },
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "40277545685285361706803062925460540903",
                "87607866293805462587326939070486197264",
                "170664217860743298238293128044222360934",
                "325023940534464145106330948004468795132",
                "190330425557198804071851971925292316527",
                "111253243599836001395939712469288055400",
                "103780867721283330152124114944292791528",
                "301857112817375956273876996294082513247",
                "262521705954279201608811740148683679836",
                "117625851565268762256032665930213058059",
                "271878258107868133526410998605493084351",
                "191684520993441014191564142826599823008",
                "310592739957817914907826901314177507791",
                "284818067929313898351747432729529682784",
                "183355850136105927078949211707251985820",
                "240874538646597091272449456320894979486",
                "31670805367637193340086030489486681838",
                "16991103846384397547291576447724719782",
                "301857112817375956273876996294082513247",
                "262521705954279201608811740148683679836",
                "311674904509084936395543699801905058080",
                "91271902873716553349762953105998170718",
                "198707712621410796344301423632922983345",
                "132338864859884463566697447977005503304",
                "65989237968877883464528865459798909499"
            ]
        },
        "deprecated": false,
        "id": "CVE-2016-10064-0b414748",
        "source": "https://github.com/imagemagick/imagemagick/commit/63302366a63602acbaad5c8223a105811b2adddd"
    },
    {
        "signature_version": "v1",
        "target": {
            "file": "coders/tiff.c"
        },
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "59826860546247841501285593641871537300",
                "120019537611619820737868857281789731785",
                "272360071468173971920802197128362869834",
                "107259120421786409297265061990566666003",
                "252162973445919023563707502554564370859",
                "93233464705757012018320838430198192209",
                "103780867721283330152124114944292791528",
                "301857112817375956273876996294082513247",
                "262521705954279201608811740148683679836",
                "117625851565268762256032665930213058059",
                "43353023585077889047353140891558235990",
                "214931751757210767112321314143431150464",
                "54110274200021577853726466152116495824",
                "191738995235776576588318712995228528907",
                "268085839746978871175949884173893704345",
                "240874538646597091272449456320894979486",
                "31670805367637193340086030489486681838",
                "16991103846384397547291576447724719782",
                "301857112817375956273876996294082513247",
                "262521705954279201608811740148683679836",
                "117625851565268762256032665930213058059",
                "311843101312631311508955450096831682892",
                "130746086686425062203684007382377060594",
                "332643314117712075246924314082516433009",
                "295729183686487865633523351057276721889",
                "137726742421698579658263187456567271281"
            ]
        },
        "deprecated": false,
        "id": "CVE-2016-10064-4e13a0db",
        "source": "https://github.com/imagemagick/imagemagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288"
    },
    {
        "signature_version": "v1",
        "target": {
            "function": "ReadTIFFImage",
            "file": "coders/tiff.c"
        },
        "signature_type": "Function",
        "digest": {
            "function_hash": "252475098793266569612414011464287303793",
            "length": 23155.0
        },
        "deprecated": false,
        "id": "CVE-2016-10064-560e27cd",
        "source": "https://github.com/imagemagick/imagemagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288"
    },
    {
        "signature_version": "v1",
        "target": {
            "function": "ReadTIFFImage",
            "file": "coders/tiff.c"
        },
        "signature_type": "Function",
        "digest": {
            "function_hash": "151747929654361042470152422400214563452",
            "length": 23919.0
        },
        "deprecated": false,
        "id": "CVE-2016-10064-6c2bb24d",
        "source": "https://github.com/imagemagick/imagemagick/commit/63302366a63602acbaad5c8223a105811b2adddd"
    }
]

Git / github.com/imagemagick/imagemagick6

Affected ranges

Type: GIT
Repo: https://github.com/imagemagick/imagemagick6
Events: Introduced

0 Unknown introduced commit / All previous commits are affected