CVE-2016-9556

The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type: GIT
Repo: https://github.com/imagemagick/imagemagick
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99

Affected versions

7.*

7.0.1-0

7.0.1-1

7.0.1-10

7.0.1-2

7.0.1-3

7.0.1-4

7.0.1-5

7.0.1-6

7.0.1-7

7.0.1-8

7.0.1-9

7.0.2-0

7.0.2-1

7.0.2-10

7.0.2-2

7.0.2-3

7.0.2-4

7.0.2-5

7.0.2-6

7.0.2-7

7.0.2-8

7.0.2-9

7.0.3-0

7.0.3-1

7.0.3-2

7.0.3-3

7.0.3-4

7.0.3-5

7.0.3-6

7.0.3-7

Database specific

vanir_signatures

[
    {
        "digest": {
            "length": 11330.0,
            "function_hash": "320932621590700566942648456387954414978"
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "ReadSGIImage",
            "file": "coders/sgi.c"
        },
        "id": "CVE-2016-9556-6914da3d",
        "signature_type": "Function"
    },
    {
        "digest": {
            "line_hashes": [
                "158914192519834743046715997327546238955",
                "247723800267508866142098066814654315147",
                "306954479034000166329109854572178577949",
                "298672604460329150479975648851281235336"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "coders/sgi.c"
        },
        "id": "CVE-2016-9556-a1b09a93",
        "signature_type": "Line"
    }
]