CVE-2016-10067

magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type: GIT
Repo: https://github.com/imagemagick/imagemagick
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

0474237508f39c4f783208123431815f1ededb76

Type: GIT
Repo: https://github.com/imagemagick/imagemagick6
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

aa74980014c8246f92a200a6e431b8d8efe312e5

Affected versions

6.*

6.9.4-0

6.9.4-1

6.9.4-2

6.9.4-3

6.9.4-4

Database specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "108607596337284873438713357942574930214",
                    "237633640835997944068952276706033608549",
                    "120807976248275480082856013548573521133",
                    "118897056398172557493628946078783779803",
                    "121223272467362147315834562595814232384",
                    "179335662439473171314695401001724041771",
                    "113873992360146063094212461777552822983",
                    "333922816641655046025748233356858913110",
                    "266267152514014186465320715871393728081",
                    "214412374285936925203816822958700918856",
                    "339353674543151414102460601934362813929",
                    "276845728028218299557575875494509398560",
                    "319541286409470569834530754937755068660",
                    "181731089802856310941619364384460989067",
                    "151547825222425517076884105575962808811"
                ]
            },
            "id": "CVE-2016-10067-01801c0e",
            "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76",
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "coders/label.c"
            },
            "deprecated": false
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "53787206279956202573671648496373016982",
                    "303516244542161883898920977145995064550",
                    "338667304928875696497022151079025015668",
                    "100985721311873205735363948094157127540",
                    "178158921106307629965529446786227195582",
                    "264207837489299956477613472589324079359",
                    "219354439851894461231981041107404293418",
                    "140535064203036670945300308113704356240",
                    "97349473963225920214940921589276250258",
                    "70090426918024051190773131812080074789",
                    "58645192621437736588711862293458866179",
                    "61314721810164076511379943107005253732",
                    "39699842088300623940374935683762797382",
                    "117095571284158819035524065504355536566",
                    "258007135289899567879324305484487390534",
                    "223845886969433362549586221023178023767",
                    "326978410136234277987615209375128600520",
                    "306444017120264752737509354588958303623",
                    "28545087243879278159816660121724531915",
                    "129676858489907891740588352079519765189",
                    "201053315912106487633772625961710441222",
                    "250821574545648720251097230628459156454",
                    "25054909255721746442188097154651468396",
                    "246607835063806645547394756362769139898",
                    "258997824493927227887749480366250166470",
                    "200327508670429439347903671429577287537"
                ]
            },
            "id": "CVE-2016-10067-1e67b3ac",
            "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76",
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "coders/viff.c"
            },
            "deprecated": false
        },
        {
            "digest": {
                "function_hash": "307925872377087016446741724910969115367",
                "length": 225.0
            },
            "id": "CVE-2016-10067-2d9dd53b",
            "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76",
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "magick/memory.c",
                "function": "CheckMemoryOverflow"
            },
            "deprecated": false
        },
        {
            "digest": {
                "function_hash": "307925872377087016446741724910969115367",
                "length": 225.0
            },
            "id": "CVE-2016-10067-67c495cb",
            "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76",
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "coders/viff.c",
                "function": "CheckMemoryOverflow"
            },
            "deprecated": false
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "288554417113392843063944906536847778994",
                    "266238974516358030216152831934984587793",
                    "297935054960007214342408779001958397486",
                    "100985721311873205735363948094157127540",
                    "178158921106307629965529446786227195582",
                    "264207837489299956477613472589324079359",
                    "219354439851894461231981041107404293418",
                    "140535064203036670945300308113704356240",
                    "97349473963225920214940921589276250258",
                    "70090426918024051190773131812080074789",
                    "58645192621437736588711862293458866179",
                    "61314721810164076511379943107005253732",
                    "39699842088300623940374935683762797382",
                    "209622836300486528984667550194657566485",
                    "11910165410541749809231702517434511206",
                    "142368951571918335197043179485017177620",
                    "73190787010645692566280159822612513046",
                    "81250572606301466650314107025662053158",
                    "126596611108158729076549189697886747381",
                    "125640168392645451961003129459089052203",
                    "31043014141004938524514335861787050498",
                    "97729858875299111212715046913089563727",
                    "110718064199481662198301174729625367364",
                    "56359161671424950468264254872444436745",
                    "174393673240881518968981202671788981440",
                    "198194260308463205784828033953225088269",
                    "265659351690763809336263955494958094130",
                    "143257050742607329286151269639705210590",
                    "172677337797412220142258499668451977500",
                    "5715707803946165505867541198185010626",
                    "286761992254603781564111454482898118399",
                    "31043014141004938524514335861787050498",
                    "160062095623018238254576721928066562589",
                    "37120292623600446376840229629322149825",
                    "27392999917083770160978857971615169089"
                ]
            },
            "id": "CVE-2016-10067-6e4854b8",
            "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76",
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "magick/memory.c"
            },
            "deprecated": false
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "202935799622310075340785417743766074224",
                    "226323798185080932130992804315249843247",
                    "57742649170761079362837749058095914311",
                    "204318077949300039755051142459070276437",
                    "55600058602503287623223921354378400578",
                    "86523852709779180855267222453944400513",
                    "38970680458556342418243341609934766628",
                    "15880177136517718166836114526319861647",
                    "170345292602722490836399326760739745993",
                    "130931443616747959215929175758247735561",
                    "92422542924647134950770009168117962116",
                    "77074365793088914454074111566598370691",
                    "268458383481560621607154736696875825582",
                    "334346319698806593949681098196923495241",
                    "224927926144911684702565965448291253749",
                    "80187538749638318263659268852598630028",
                    "20398501257197782315296132354572706942"
                ]
            },
            "id": "CVE-2016-10067-b40250a2",
            "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76",
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "magick/exception.c"
            },
            "deprecated": false
        },
        {
            "digest": {
                "function_hash": "166116811364854504844705288607638663177",
                "length": 4241.0
            },
            "id": "CVE-2016-10067-c09706e1",
            "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76",
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "coders/label.c",
                "function": "ReadLABELImage"
            },
            "deprecated": false
        },
        {
            "digest": {
                "function_hash": "119080263127803556733543282937685056962",
                "length": 964.0
            },
            "id": "CVE-2016-10067-dda1791a",
            "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76",
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "magick/exception.c",
                "function": "CatchException"
            },
            "deprecated": false
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "61568625264949093379579943827871326422",
                    "242117551071302803750106664496130378052",
                    "45274112443096330732340197864051469229"
                ]
            },
            "id": "CVE-2016-10067-eceaca88",
            "source": "https://github.com/imagemagick/imagemagick/commit/0474237508f39c4f783208123431815f1ededb76",
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "magick/memory-private.h"
            },
            "deprecated": false
        }
    ]
}