CVE-2016-3714

• SUSE-SU-2016:1260-1
• SUSE-SU-2016:1275-1
• SUSE-SU-2016:1276-1
• SUSE-SU-2016:1301-1
• openSUSE-SU-2024:10040-1
• openSUSE-SU-2024:10505-1
• openSUSE-SU-2024:10860-1

• 8.4 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

{
    "unresolved_ranges": [
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "6.9.3-9"
                }
            ]
        },
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:a:imagemagick:imagemagick:7.0.0-0:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "7.0.0-0"
                }
            ]
        },
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "12.04"
                }
            ]
        },
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "14.04"
                }
            ]
        },
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "15.10"
                }
            ]
        },
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "16.04"
                }
            ]
        },
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ]
        },
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "9.0"
                }
            ]
        },
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "42.1"
                }
            ]
        },
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "13.2"
                }
            ]
        },
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "12"
                }
            ]
        }
    ]
}

• https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-3714
• http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html
• http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html
• http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html
• http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html
• http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00041.html
• http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html
• http://packetstormsecurity.com/files/152364/ImageTragick-ImageMagick-Proof-Of-Concepts.html
• http://rhn.redhat.com/errata/RHSA-2016-0726.html
• http://www.debian.org/security/2016/dsa-3580
• http://www.debian.org/security/2016/dsa-3746
• http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
• http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
• http://www.rapid7.com/db/modules/exploit/unix/fileformat/imagemagick_delegate
• http://www.securityfocus.com/archive/1/538378/100/0/threaded
• http://www.securityfocus.com/bid/89848
• http://www.securitytracker.com/id/1035742
• http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568
• http://www.ubuntu.com/usn/USN-2990-1
• https://access.redhat.com/security/vulnerabilities/2296071
• https://imagetragick.com/
• https://security.gentoo.org/glsa/201611-21
• https://www.exploit-db.com/exploits/39767/
• https://www.exploit-db.com/exploits/39791/
• https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
• https://www.imagemagick.org/script/changelog.php
• https://www.kb.cert.org/vuls/id/250519
• https://bugzilla.redhat.com/show_bug.cgi?id=1332492
• http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog
• http://www.openwall.com/lists/oss-security/2016/05/03/13
• http://www.openwall.com/lists/oss-security/2016/05/03/18