CVE-2016-4563
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-4563
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-4563.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-4563
- Downstream
- Related
- Published
- 2016-06-04T16:59:01Z
- Modified
- 2025-10-15T08:11:28.886630Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
- References
Affected packages
Git / github.com/imagemagick/imagemagick
Affected ranges
- Type
- GIT
- Repo
- https://github.com/imagemagick/imagemagick
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
vanir_signatures
[
{
"digest": {
"function_hash": "19087062209882581044641411060786551904",
"length": 10540.0
},
"target": {
"function": "TraceStrokePolygon",
"file": "MagickCore/draw.c"
},
"id": "CVE-2016-4563-0769ef42",
"source": "https://github.com/imagemagick/imagemagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950",
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"digest": {
"function_hash": "199412975228909332613035562347786452244",
"length": 3488.0
},
"target": {
"function": "GetDrawInfo",
"file": "MagickCore/draw.c"
},
"id": "CVE-2016-4563-890e239d",
"source": "https://github.com/imagemagick/imagemagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950",
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"335925560134690317193092292346148598978",
"307948842438111121134376582141792796824",
"97345539009483171584076736458940709996",
"64898305418218442766827821520648203195",
"39912305942279437731012210379761251617",
"40443501656162150355495403035712924760",
"73770472470587632883798795161565020304",
"108226680772346091687868864400085679842",
"123500761471490265105147971528166897161",
"128911744063364514777923767508840543425",
"52330198588996416451826398963021301631",
"39155747152746986153251298903565164589",
"263893698248966395428460961874113703311",
"222972072724161323662315619050432438047",
"37872776098310485081149520352596256823",
"87766492829804867606755861836032755714",
"318812137520032918497578210276177144452",
"285519679534823872783653649443451620369",
"111664113479720381242873764103512901456",
"209105006954348787744956521427701845128",
"86994817891360412057289853076436632576",
"282816159401390604297193423431513401052",
"263960042071451048902034245583640204662",
"107173512466735287013316648176502235637",
"176276748335204020322126314289568947720",
"282816159401390604297193423431513401052",
"263960042071451048902034245583640204662",
"107173512466735287013316648176502235637",
"310828230740712513599460023578692140619",
"31749063765810394033456734707565040366",
"66603185189968205733053196986599662754",
"149118458899116707934837996113363284337",
"10266813249376292710459755104441149012",
"260728227847294758935892291231482334031",
"183014658586905284531964200868872214974",
"176631909759406139029928140274926783744",
"308642993537714985887596125408117446631",
"248624470573473206926966028792723341877",
"44017432680821659120688356788415541818",
"13513726291783741092497127189136216081",
"219005237784560473002689149717526593856",
"16920365415131233757724635579526988406",
"336064720220418584245076687232359569712",
"91759784730048765921748842399854390431",
"173447169806335433436180807977390116521",
"141063037036872547953980132765050672364",
"159035688460192567075543989008746304701",
"216176733096076452748713191831734300187",
"69415229704931832362455333872666459402",
"147167426969163165536624855055937205817",
"175753101143168695242006631749909177644",
"143670045905339725661114794419022984854",
"158615013654191673580989709297953542361",
"82680078655929986894877045897422248313"
]
},
"target": {
"file": "MagickCore/draw.c"
},
"id": "CVE-2016-4563-a451aa3a",
"source": "https://github.com/imagemagick/imagemagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950",
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"digest": {
"function_hash": "25757192401322138830226923066754159931",
"length": 3350.0
},
"target": {
"function": "DrawDashPolygon",
"file": "MagickCore/draw.c"
},
"id": "CVE-2016-4563-a7899e3b",
"source": "https://github.com/imagemagick/imagemagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950",
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"digest": {
"function_hash": "188218296422400481329023041470426665333",
"length": 33654.0
},
"target": {
"function": "DrawImage",
"file": "MagickCore/draw.c"
},
"id": "CVE-2016-4563-c0d05cd5",
"source": "https://github.com/imagemagick/imagemagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950",
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
}
]