CVE-2016-8684

CVE-2016-8684

Name

CVE-2016-8684

Description

The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Issue Tracking	http://hg.code.sf.net/p/graphicsmagick/code/rev/c53725cb5449
Patch	http://lists.opensuse.org/opensuse-updates/2016-10/msg00094.html
Third Party Advisory	http://www.debian.org/security/2016/dsa-3746
Mailing List	http://www.openwall.com/lists/oss-security/2016/10/16/15
Third Party Advisory	http://www.securityfocus.com/bid/93779
Patch	https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-memory-allocation-failure-in-magickmalloc-memory-c/
Issue Tracking	https://bugzilla.redhat.com/show_bug.cgi?id=1385583

Type

URI

Issue Tracking

http://hg.code.sf.net/p/graphicsmagick/code/rev/c53725cb5449

Patch

http://lists.opensuse.org/opensuse-updates/2016-10/msg00094.html

Third Party Advisory

http://www.debian.org/security/2016/dsa-3746

Mailing List

http://www.openwall.com/lists/oss-security/2016/10/16/15

Third Party Advisory

http://www.securityfocus.com/bid/93779