CVE-2016-7514
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-7514
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7514.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-7514
- Downstream
- Related
- Published
- 2017-04-20T18:59:00Z
- Modified
- 2025-10-21T02:36:19Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
- References
-
- http://www.openwall.com/lists/oss-security/2016/09/22/2
- http://www.securityfocus.com/bid/93122
- https://bugzilla.redhat.com/show_bug.cgi?id=1378739
- https://github.com/ImageMagick/ImageMagick/commit/198fffab4daf8aea88badd9c629350e5b26ec32f
- https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1
- https://github.com/ImageMagick/ImageMagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d
- https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb
- https://github.com/ImageMagick/ImageMagick/issues/83
- https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533442
Affected packages
Git / github.com/imagemagick/imagemagick
Affected ranges
- Type
- GIT
- Repo
- https://github.com/imagemagick/imagemagick
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixedFixedFixed
Database specific
vanir_signatures
[
{
"target": {
"file": "coders/psd.c",
"function": "WriteImageChannels"
},
"signature_type": "Function",
"digest": {
"length": 3404.0,
"function_hash": "285074460042033435714570774745871577974"
},
"id": "CVE-2016-7514-03bfd714",
"deprecated": false,
"signature_version": "v1",
"source": "https://github.com/imagemagick/imagemagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d"
},
{
"target": {
"file": "coders/psd.c"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"109751460950315633864691469035376248211",
"178912501136852134042602593953454749296",
"134730300755715259333632594253742267699",
"285867157739302346549685853921776613191"
]
},
"id": "CVE-2016-7514-45b70d5f",
"deprecated": false,
"signature_version": "v1",
"source": "https://github.com/imagemagick/imagemagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb"
},
{
"target": {
"file": "coders/psd.c"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"161427083715258918546799136412959982766",
"312460972902757405177739596775048803258",
"41348376021106145878107322599149235082",
"113738155929550134537127206077550473436"
]
},
"id": "CVE-2016-7514-774bf8f9",
"deprecated": false,
"signature_version": "v1",
"source": "https://github.com/imagemagick/imagemagick/commit/198fffab4daf8aea88badd9c629350e5b26ec32f"
},
{
"target": {
"file": "coders/psd.c",
"function": "ReadPSDChannelPixels"
},
"signature_type": "Function",
"digest": {
"length": 2267.0,
"function_hash": "335383035870159939614420951652307614692"
},
"id": "CVE-2016-7514-c68b03d2",
"deprecated": false,
"signature_version": "v1",
"source": "https://github.com/imagemagick/imagemagick/commit/280215b9936d145dd5ee91403738ccce1333cab1"
},
{
"target": {
"file": "coders/psd.c",
"function": "ReadPSDChannelPixels"
},
"signature_type": "Function",
"digest": {
"length": 2238.0,
"function_hash": "169306428911167216219657258921283259532"
},
"id": "CVE-2016-7514-d1ecc875",
"deprecated": false,
"signature_version": "v1",
"source": "https://github.com/imagemagick/imagemagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb"
},
{
"target": {
"file": "coders/psd.c"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"161624246808178391736060810080783379634",
"97090877004137658579072362989435123192",
"327810344119592760556648814629062316645",
"300446164371847724661278259517095074341",
"183633811458571232582399668000446660690"
]
},
"id": "CVE-2016-7514-ebc47fac",
"deprecated": false,
"signature_version": "v1",
"source": "https://github.com/imagemagick/imagemagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d"
},
{
"target": {
"file": "coders/psd.c",
"function": "ReadPSDImage"
},
"signature_type": "Function",
"digest": {
"length": 6702.0,
"function_hash": "210157996297491556616314171779881018402"
},
"id": "CVE-2016-7514-f15f4cc9",
"deprecated": false,
"signature_version": "v1",
"source": "https://github.com/imagemagick/imagemagick/commit/198fffab4daf8aea88badd9c629350e5b26ec32f"
},
{
"target": {
"file": "coders/psd.c"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"27953133697015499101049926463508724848",
"61702053108166004909071077535210291712",
"4604225926690083465865465553635753128",
"273504656353439999706074899729075301280",
"101364122107472221495999199202325913912",
"253109629157928020907024832077025154573",
"70694050657571819290855134830967025874",
"277579737645969123589385444545079154486",
"159436346830094737257713237232642675225",
"298792781328022024184241879023997605947",
"222850247178822180439749403977984200389",
"175787668666520758713845410904122861701",
"149538864986354266650099342529609608547",
"92934423579030002647292658325760245062",
"40337555287910889988887784336744942504",
"80681271802738934943032338153235327243",
"82295856390647293582110601348779848316",
"27589005223064555269786214621042100105",
"56095465152117053341397777379408298599",
"339377789247296264043251301444415733891",
"27254581136515266010447833007112493263",
"69795866533064426694852616375152563913",
"781287613205355742655349372129548560",
"229379898860325230564649956871122654023",
"42447102046655612463737132526779682702",
"213053194002666447870253276299975534897",
"78124499469260301800609606057045370062",
"52995720018728605569780486578558358115",
"122053523331270530228600442874432600064",
"35784111965840611730952232965298630541",
"20206367232212379903674791055692248547",
"13874142052313021278377217988812611194",
"153437339275628516090461479410667083835",
"12957635100627842058232735865266568921",
"133261799492371621650877187985065036172",
"151124666480925459079714628101841946038",
"156926081528472184846183677699181950776",
"270383756593793418438270441490732977615",
"297575518524379260008807796150947855228",
"138750463347778154377317599600833503012",
"61454726608872019461050938862381628889",
"155793241706855189351482357617300082051",
"156345651047423736388806425153965082578",
"72136966757677748761367739302496737361",
"56393961270002790077942874219534856170",
"320461164001235034890017691227820948113",
"227901182683942692832338832367496254936",
"172572521693954626916528770019528746116",
"86130270330626561169527483693583278270",
"27195846247546395105544970815479595551",
"233231112693906601271841050171585914258",
"275383447923896729303368173143222643880",
"214129069656744371374050604348804543615",
"199151411781886509481355656596677821353",
"143315248874164605850265759159234760503",
"296325844399562854483911576828249805185",
"190993207088699315753310280054099101806",
"91794615232585081307222415967885633275",
"39584322809239800210412417997387944156",
"151672814186478650019986286248692502994",
"214129069656744371374050604348804543615",
"194796126668477045479661674135076611255",
"72632149046832301520363409236644189700",
"220580356314152540172845949699492128319",
"133974081833804709692570970608092123108",
"226856695936803612801621326004050300719",
"155080155044870918543947774078751107154",
"248118894672463066859654798414896070423",
"112886590523769359413836616241614968300",
"205635867571804715045270562174042547085",
"189885647161623328345963496956961876513",
"78349218575956211135234447361186667112",
"117848692994570339326167966005184608097",
"237407896108287987231582911941681449713",
"243997219802485592358256925634576016308",
"42258064439503821740210836304412045804",
"131063166039816605397068254076051641061",
"150130179607317594642771507416949775936",
"269121817939460903893292193106039720164",
"280292791586964139442170996917699738901",
"323178703120428762006232900843567872189",
"117848692994570339326167966005184608097",
"260650099727315252408134012957576980485",
"16005707821783007815482866254495297126",
"39302910621898167293865526273311332327",
"186646666435056846081299360988930221740",
"63287287066068472344558282419358229037",
"329838758957930812653856437334153916898",
"76137699445576540941325778896666886389"
]
},
"id": "CVE-2016-7514-fe725982",
"deprecated": false,
"signature_version": "v1",
"source": "https://github.com/imagemagick/imagemagick/commit/280215b9936d145dd5ee91403738ccce1333cab1"
}
]