CVE-2016-10060
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-10060
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10060.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-10060
- Downstream
- Related
- Published
- 2017-03-02T21:59:00Z
- Modified
- 2025-11-11T04:55:15.895960Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
- References
Affected packages
Git / github.com/imagemagick/imagemagick
Affected ranges
- Type
- GIT
- Repo
- https://github.com/imagemagick/imagemagick
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
7.*
7.0.1-0
7.0.1-1
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.0.1-7
7.0.1-8
7.0.1-9
Database specific
vanir_signatures
[
{
"digest": {
"line_hashes": [
"227299882721116592709482475795133037974",
"87423675193590435593635474209794369085",
"193678056235101955212642375656884137402",
"136001555097471905373161129692814644905",
"201732433303800874486204640889434781598",
"38213447942917837284738099203544728467",
"70880295127880853930865286503725358981",
"82294672300045105876531221560026020191",
"163936732842345039575980593813037427724",
"210953262708847840916372944530476032683",
"299609937888473617492738237168869493698",
"68603826471207600799051290829842220978",
"159062777604320975964365798253145446874",
"230807452498302207957261887537972372602",
"218891157201433039815294326940180809119",
"61054882771673948893216017920530891121",
"114530958464579643041822068585147914912",
"305223350599904233618870653115878852195",
"314983525292805033308482743870525436060",
"216169808303816933301535212766451714014",
"45216771192111082260336579381064815148",
"305738967218639126891935087515538132474",
"84997710681039802485460629174208153819",
"51892563601825328510546416731384338232",
"35667306662873101273123497707186252454",
"294438163978125294760746749404815481723",
"123545197954672763000257115338877295504",
"154079374254416245463467555078021530543",
"192418729030346308367255542467062480410",
"332859666834437471998377559189094802391",
"90725133897147716297022623934891403958",
"193974196492180964798431324993977305882",
"90765364666920445852478026926468475413"
],
"threshold": 0.9
},
"target": {
"file": "MagickWand/magick-cli.c"
},
"deprecated": false,
"id": "CVE-2016-10060-040525e1",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/imagemagick/imagemagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7"
},
{
"digest": {
"length": 1011.0,
"function_hash": "195141214752207279250730582299668517571"
},
"target": {
"function": "ConcatenateImages",
"file": "MagickWand/magick-cli.c"
},
"deprecated": false,
"id": "CVE-2016-10060-bb490a43",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/imagemagick/imagemagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7"
}
]