Vulnerability Details CVE-2016-6520
Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.034
EPSS Ranking 87.1%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.4
References
- http://www.imagemagick.org/script/changelog.php
- http://www.openwall.com/lists/oss-security/2016/08/02/10
- http://www.openwall.com/lists/oss-security/2016/08/02/6
- http://www.securitytracker.com/id/1036502
- https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6
- http://www.imagemagick.org/script/changelog.php
- http://www.openwall.com/lists/oss-security/2016/08/02/10
- http://www.openwall.com/lists/oss-security/2016/08/02/6
- http://www.securitytracker.com/id/1036502
- https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6
Products affected by CVE-2016-6520
-
cpe:2.3:a:imagemagick:imagemagick:7.0.0-0
-
cpe:2.3:a:imagemagick:imagemagick:7.0.1-0
-
cpe:2.3:a:imagemagick:imagemagick:7.0.1-1
-
cpe:2.3:a:imagemagick:imagemagick:7.0.1-10
-
cpe:2.3:a:imagemagick:imagemagick:7.0.1-2
-
cpe:2.3:a:imagemagick:imagemagick:7.0.1-3
-
cpe:2.3:a:imagemagick:imagemagick:7.0.1-4
-
cpe:2.3:a:imagemagick:imagemagick:7.0.1-5
-
cpe:2.3:a:imagemagick:imagemagick:7.0.1-6
-
cpe:2.3:a:imagemagick:imagemagick:7.0.1-7
-
cpe:2.3:a:imagemagick:imagemagick:7.0.1-8
-
cpe:2.3:a:imagemagick:imagemagick:7.0.1-9
-
cpe:2.3:a:imagemagick:imagemagick:7.0.2-0
-
cpe:2.3:a:imagemagick:imagemagick:7.0.2-1
-
cpe:2.3:a:imagemagick:imagemagick:7.0.2-2
-
cpe:2.3:a:imagemagick:imagemagick:7.0.2-3
-
cpe:2.3:a:imagemagick:imagemagick:7.0.2-4
-
cpe:2.3:a:imagemagick:imagemagick:7.0.2-5
-
cpe:2.3:a:imagemagick:imagemagick:7.0.2-6