CVE-2016-10067

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-10067
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10067.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-10067
Downstream
Published
2017-03-02T21:59:00Z
Modified
2025-10-29T23:33:08Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
0474237508f39c4f783208123431815f1ededb76

Database specific

vanir_signatures

[
    {
        "id": "CVE-2016-10067-01801c0e",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "target": {
            "file": "coders/label.c"
        },
        "digest": {
            "line_hashes": [
                "108607596337284873438713357942574930214",
                "237633640835997944068952276706033608549",
                "120807976248275480082856013548573521133",
                "118897056398172557493628946078783779803",
                "121223272467362147315834562595814232384",
                "179335662439473171314695401001724041771",
                "113873992360146063094212461777552822983",
                "333922816641655046025748233356858913110",
                "266267152514014186465320715871393728081",
                "214412374285936925203816822958700918856",
                "339353674543151414102460601934362813929",
                "276845728028218299557575875494509398560",
                "319541286409470569834530754937755068660",
                "181731089802856310941619364384460989067",
                "151547825222425517076884105575962808811"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76"
    },
    {
        "id": "CVE-2016-10067-1e67b3ac",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "target": {
            "file": "coders/viff.c"
        },
        "digest": {
            "line_hashes": [
                "53787206279956202573671648496373016982",
                "303516244542161883898920977145995064550",
                "338667304928875696497022151079025015668",
                "100985721311873205735363948094157127540",
                "178158921106307629965529446786227195582",
                "264207837489299956477613472589324079359",
                "219354439851894461231981041107404293418",
                "140535064203036670945300308113704356240",
                "97349473963225920214940921589276250258",
                "70090426918024051190773131812080074789",
                "58645192621437736588711862293458866179",
                "61314721810164076511379943107005253732",
                "39699842088300623940374935683762797382",
                "117095571284158819035524065504355536566",
                "258007135289899567879324305484487390534",
                "223845886969433362549586221023178023767",
                "326978410136234277987615209375128600520",
                "306444017120264752737509354588958303623",
                "28545087243879278159816660121724531915",
                "129676858489907891740588352079519765189",
                "201053315912106487633772625961710441222",
                "250821574545648720251097230628459156454",
                "25054909255721746442188097154651468396",
                "246607835063806645547394756362769139898",
                "258997824493927227887749480366250166470",
                "200327508670429439347903671429577287537"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76"
    },
    {
        "id": "CVE-2016-10067-2d9dd53b",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "target": {
            "file": "magick/memory.c",
            "function": "CheckMemoryOverflow"
        },
        "digest": {
            "function_hash": "307925872377087016446741724910969115367",
            "length": 225.0
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76"
    },
    {
        "id": "CVE-2016-10067-67c495cb",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "target": {
            "file": "coders/viff.c",
            "function": "CheckMemoryOverflow"
        },
        "digest": {
            "function_hash": "307925872377087016446741724910969115367",
            "length": 225.0
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76"
    },
    {
        "id": "CVE-2016-10067-6e4854b8",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "target": {
            "file": "magick/memory.c"
        },
        "digest": {
            "line_hashes": [
                "288554417113392843063944906536847778994",
                "266238974516358030216152831934984587793",
                "297935054960007214342408779001958397486",
                "100985721311873205735363948094157127540",
                "178158921106307629965529446786227195582",
                "264207837489299956477613472589324079359",
                "219354439851894461231981041107404293418",
                "140535064203036670945300308113704356240",
                "97349473963225920214940921589276250258",
                "70090426918024051190773131812080074789",
                "58645192621437736588711862293458866179",
                "61314721810164076511379943107005253732",
                "39699842088300623940374935683762797382",
                "209622836300486528984667550194657566485",
                "11910165410541749809231702517434511206",
                "142368951571918335197043179485017177620",
                "73190787010645692566280159822612513046",
                "81250572606301466650314107025662053158",
                "126596611108158729076549189697886747381",
                "125640168392645451961003129459089052203",
                "31043014141004938524514335861787050498",
                "97729858875299111212715046913089563727",
                "110718064199481662198301174729625367364",
                "56359161671424950468264254872444436745",
                "174393673240881518968981202671788981440",
                "198194260308463205784828033953225088269",
                "265659351690763809336263955494958094130",
                "143257050742607329286151269639705210590",
                "172677337797412220142258499668451977500",
                "5715707803946165505867541198185010626",
                "286761992254603781564111454482898118399",
                "31043014141004938524514335861787050498",
                "160062095623018238254576721928066562589",
                "37120292623600446376840229629322149825",
                "27392999917083770160978857971615169089"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76"
    },
    {
        "id": "CVE-2016-10067-b40250a2",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "target": {
            "file": "magick/exception.c"
        },
        "digest": {
            "line_hashes": [
                "202935799622310075340785417743766074224",
                "226323798185080932130992804315249843247",
                "57742649170761079362837749058095914311",
                "204318077949300039755051142459070276437",
                "55600058602503287623223921354378400578",
                "86523852709779180855267222453944400513",
                "38970680458556342418243341609934766628",
                "15880177136517718166836114526319861647",
                "170345292602722490836399326760739745993",
                "130931443616747959215929175758247735561",
                "92422542924647134950770009168117962116",
                "77074365793088914454074111566598370691",
                "268458383481560621607154736696875825582",
                "334346319698806593949681098196923495241",
                "224927926144911684702565965448291253749",
                "80187538749638318263659268852598630028",
                "20398501257197782315296132354572706942"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76"
    },
    {
        "id": "CVE-2016-10067-c09706e1",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "target": {
            "file": "coders/label.c",
            "function": "ReadLABELImage"
        },
        "digest": {
            "function_hash": "166116811364854504844705288607638663177",
            "length": 4241.0
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76"
    },
    {
        "id": "CVE-2016-10067-dda1791a",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "target": {
            "file": "magick/exception.c",
            "function": "CatchException"
        },
        "digest": {
            "function_hash": "119080263127803556733543282937685056962",
            "length": 964.0
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76"
    },
    {
        "id": "CVE-2016-10067-eceaca88",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "target": {
            "file": "magick/memory-private.h"
        },
        "digest": {
            "line_hashes": [
                "61568625264949093379579943827871326422",
                "242117551071302803750106664496130378052",
                "45274112443096330732340197864051469229"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76"
    }
]

Git / github.com/imagemagick/imagemagick6

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick6
Events
Introduced
0 Unknown introduced commit / All previous commits are affected