CVE-2016-7528

The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type: GIT
Repo: https://github.com/imagemagick/imagemagick
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

7be16a280014f895a951db4948df316a23dabc09

Fixed

ca0c886abd6d3ef335eb74150cd23b89ebd17135

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "source": "https://github.com/imagemagick/imagemagick/commit/7be16a280014f895a951db4948df316a23dabc09",
        "id": "CVE-2016-7528-26e763ed",
        "target": {
            "file": "coders/viff.c"
        },
        "digest": {
            "line_hashes": [
                "73400276544282883505727135453538747015",
                "68630530501493298963399791193204282036",
                "308880268057827532427875355983393946834",
                "179069771209205453139337767597084181451",
                "134880778367632535309539072403867201631"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/imagemagick/imagemagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135",
        "id": "CVE-2016-7528-857b0d67",
        "target": {
            "file": "coders/viff.c"
        },
        "digest": {
            "line_hashes": [
                "73400276544282883505727135453538747015",
                "68630530501493298963399791193204282036",
                "308880268057827532427875355983393946834",
                "179069771209205453139337767597084181451",
                "65688560844318694106731520456490867518"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/imagemagick/imagemagick/commit/7be16a280014f895a951db4948df316a23dabc09",
        "id": "CVE-2016-7528-a363d176",
        "target": {
            "file": "coders/viff.c",
            "function": "ReadVIFFImage"
        },
        "digest": {
            "function_hash": "273154292058683672639246058856918388300",
            "length": 15347.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/imagemagick/imagemagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135",
        "id": "CVE-2016-7528-eb2bbdb6",
        "target": {
            "file": "coders/viff.c",
            "function": "ReadVIFFImage"
        },
        "digest": {
            "function_hash": "140674290307760993668289752721006000367",
            "length": 15285.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7528.json"