CVE-2016-10062

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2016-10062

Severity

Unknown

Description

The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

References

https://images.chainguard.dev/security/CGA-f593-xp4p-5jch
https://github.com/advisories/GHSA-rvg9-g4rg-6wfj
https://images.chainguard.dev/security/CGA-m9w6-4f46-75jj
https://images.chainguard.dev/security/CGA-vj75-557x-5qh7
http://www.debian.org/security/2017/dsa-3799
http://www.securityfocus.com/bid/95209
https://bugzilla.redhat.com/show_bug.cgi?id=1410473
http://www.openwall.com/lists/oss-security/2016/12/26/9
https://github.com/ImageMagick/ImageMagick/issues/196
https://security-tracker.debian.org/tracker/CVE-2016-10062

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CVE-2016-10062

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources