CVE-2016-7906
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-7906
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7906.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-7906
- Downstream
- Related
- Published
- 2017-01-18T17:59:00Z
- Modified
- 2025-10-21T03:59:09.240248Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.
- References
-
- http://www.debian.org/security/2016/dsa-3726
- http://www.openwall.com/lists/oss-security/2016/10/02/1
- http://www.openwall.com/lists/oss-security/2016/10/02/3
- http://www.securityfocus.com/bid/93271
- https://github.com/ImageMagick/ImageMagick/commit/90406972f108c4da71f998601b06abdc2ac6f06e
- https://github.com/ImageMagick/ImageMagick/issues/281
- https://security.gentoo.org/glsa/201611-21
Affected packages
Git / github.com/imagemagick/imagemagick
Affected ranges
- Type
- GIT
- Repo
- https://github.com/imagemagick/imagemagick
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
7.*
7.0.1-0
7.0.1-1
7.0.1-10
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.0.1-7
7.0.1-8
7.0.1-9
7.0.2-0
7.0.2-1
7.0.2-10
7.0.2-2
7.0.2-3
7.0.2-4
7.0.2-5
7.0.2-6
7.0.2-7
7.0.2-8
7.0.2-9
7.0.3-0
7.0.3-1
Database specific
vanir_signatures
[
{
"id": "CVE-2016-7906-1d3145df",
"source": "https://github.com/imagemagick/imagemagick/commit/90406972f108c4da71f998601b06abdc2ac6f06e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"107807159509500034816647423314642211700",
"68858660467834400425474470351640526495",
"187865239751367899072392723382070485475",
"299782843773815210996105039440844061836"
]
},
"target": {
"file": "MagickCore/attribute.c"
}
},
{
"id": "CVE-2016-7906-cb32bd4a",
"source": "https://github.com/imagemagick/imagemagick/commit/90406972f108c4da71f998601b06abdc2ac6f06e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "92243971982347717171807797241448899910",
"length": 4289.0
},
"target": {
"function": "SetImageType",
"file": "MagickCore/attribute.c"
}
}
]