CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-2317

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.5%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

Products affected by CVE-2016-2317

Graphicsmagick » Graphicsmagick » Version: 1.3.23

cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.23
Suse » Linux Enterprise Debuginfo » Version: 11

cpe:2.3:a:suse:linux_enterprise_debuginfo:11
Suse » Studio Onsite » Version: 1.3

cpe:2.3:a:suse:studio_onsite:1.3
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Opensuse » Leap » Version: 42.1

cpe:2.3:o:opensuse:leap:42.1
Opensuse » Opensuse » Version: 13.2

cpe:2.3:o:opensuse:opensuse:13.2
Suse » Linux Enterprise Software Development Kit » Version: 11

cpe:2.3:o:suse:linux_enterprise_software_development_kit:11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-2317

Products

Pricing

Contact Us