CVE-2016-10049

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type: GIT
Repo: https://github.com/imagemagick/imagemagick
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

13db820f5e24cd993ee554e99377fea02a904e18

Fixed

3e9165285eda6e1bb71172031d3048b51bb443a4

Affected versions

7.*

7.0.1-0

7.0.1-1

7.0.1-2

7.0.1-3

7.0.1-4

Database specific

vanir_signatures

[
    {
        "id": "CVE-2016-10049-061255cf",
        "signature_type": "Line",
        "target": {
            "file": "coders/rle.c"
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/13db820f5e24cd993ee554e99377fea02a904e18",
        "digest": {
            "line_hashes": [
                "15085698245396628979736252668829938793",
                "207593829335744966479485846325957567674",
                "205730496597199750897337113208774315595",
                "1625854575163316370524320667962756903",
                "209238465439521243691342055796927148967",
                "315930026504774688844713364405651882690",
                "257496872548704593883252145595791765473"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false
    },
    {
        "id": "CVE-2016-10049-8143401b",
        "signature_type": "Line",
        "target": {
            "file": "coders/rle.c"
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4",
        "digest": {
            "line_hashes": [
                "15085698245396628979736252668829938793",
                "207593829335744966479485846325957567674",
                "205730496597199750897337113208774315595",
                "1625854575163316370524320667962756903",
                "209238465439521243691342055796927148967",
                "315930026504774688844713364405651882690",
                "257496872548704593883252145595791765473"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false
    },
    {
        "id": "CVE-2016-10049-92d9c5c1",
        "signature_type": "Function",
        "target": {
            "function": "ReadRLEImage",
            "file": "coders/rle.c"
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4",
        "digest": {
            "length": 10666.0,
            "function_hash": "249481700803844261421136940074108375902"
        },
        "signature_version": "v1",
        "deprecated": false
    },
    {
        "id": "CVE-2016-10049-b5a57b0d",
        "signature_type": "Function",
        "target": {
            "function": "ReadRLEImage",
            "file": "coders/rle.c"
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/13db820f5e24cd993ee554e99377fea02a904e18",
        "digest": {
            "length": 10804.0,
            "function_hash": "25849057458396076997342902357546017727"
        },
        "signature_version": "v1",
        "deprecated": false
    }
]

Git / github.com/imagemagick/imagemagick6

Affected ranges

Type: GIT
Repo: https://github.com/imagemagick/imagemagick6
Events: Introduced

0 Unknown introduced commit / All previous commits are affected