CVE-2016-8707
7.5
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | ImageMagick 7.0.3-1 | ImageMagick 7.0.3-1 | affected |
Weaknesses
- out-of-bounds write
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/94727
- http://www.debian.org/security/2017/dsa-3799
- http://www.talosintelligence.com/reports/TALOS-2016-0216/
References
- http://www.securityfocus.com/bid/94727
- http://www.debian.org/security/2017/dsa-3799
- http://www.talosintelligence.com/reports/TALOS-2016-0216/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.