CVE-2016-5690

Source
https://cve.org/CVERecord?id=CVE-2016-5690
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-5690.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-5690
Downstream
Related
Published
2016-12-13T15:59:03.873Z
Modified
2026-07-11T18:19:14.628784Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.

Database specific
{
    "unresolved_ranges": [
        {
            "vendor_product": "imagemagick:imagemagick",
            "cpes": [
                "cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*",
                "cpe:2.3:a:imagemagick:imagemagick:7.0.1-1:*:*:*:*:*:*:*",
                "cpe:2.3:a:imagemagick:imagemagick:7.0.1-2:*:*:*:*:*:*:*",
                "cpe:2.3:a:imagemagick:imagemagick:7.0.1-3:*:*:*:*:*:*:*",
                "cpe:2.3:a:imagemagick:imagemagick:7.0.1-4:*:*:*:*:*:*:*",
                "cpe:2.3:a:imagemagick:imagemagick:7.0.1-5:*:*:*:*:*:*:*",
                "cpe:2.3:a:imagemagick:imagemagick:7.0.1-6:*:*:*:*:*:*:*"
            ],
            "source": "CPE_STRING",
            "extracted_events": [
                {
                    "introduced": "7.0.1-0"
                },
                {
                    "last_affected": "7.0.1-0"
                },
                {
                    "introduced": "7.0.1-0"
                },
                {
                    "last_affected": "7.0.1-0"
                },
                {
                    "introduced": "7.0.1-1"
                },
                {
                    "last_affected": "7.0.1-1"
                },
                {
                    "introduced": "7.0.1-1"
                },
                {
                    "last_affected": "7.0.1-1"
                },
                {
                    "introduced": "7.0.1-2"
                },
                {
                    "last_affected": "7.0.1-2"
                },
                {
                    "introduced": "7.0.1-2"
                },
                {
                    "last_affected": "7.0.1-2"
                },
                {
                    "introduced": "7.0.1-3"
                },
                {
                    "last_affected": "7.0.1-3"
                },
                {
                    "introduced": "7.0.1-3"
                },
                {
                    "last_affected": "7.0.1-3"
                },
                {
                    "introduced": "7.0.1-4"
                },
                {
                    "last_affected": "7.0.1-4"
                },
                {
                    "introduced": "7.0.1-4"
                },
                {
                    "last_affected": "7.0.1-4"
                },
                {
                    "introduced": "7.0.1-5"
                },
                {
                    "last_affected": "7.0.1-5"
                },
                {
                    "introduced": "7.0.1-5"
                },
                {
                    "last_affected": "7.0.1-5"
                },
                {
                    "introduced": "7.0.1-6"
                },
                {
                    "last_affected": "7.0.1-6"
                },
                {
                    "introduced": "7.0.1-6"
                },
                {
                    "last_affected": "7.0.1-6"
                }
            ]
        },
        {
            "vendor_product": "oracle:solaris",
            "cpes": [
                "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"
            ],
            "source": "CPE_STRING",
            "extracted_events": [
                {
                    "introduced": "11.3"
                },
                {
                    "last_affected": "11.3"
                }
            ]
        }
    ]
}
References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "REFERENCES"
}

Affected versions

7.*
7.0.1-0
7.0.1-1
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6

Database specific

vanir_signatures
[
    {
        "digest": {
            "line_hashes": [
                "125690708503204704179866250422592584464",
                "297118995262517685663034534754128752549",
                "71456700239368997875191045675705977984",
                "310300479292880551150267313013585917428",
                "75158705854446966296570889487461669595",
                "256487543234322570650697034452382529675",
                "101800047312087569013320574819529047408",
                "278330530480765877102691904248489772845",
                "269998386639281855675428201403715945157",
                "222744906410054753423939657109388688498",
                "31328229820292102911312279564588830172",
                "230150294241990504871522991641849196906",
                "303987760605767369302449797372453866768",
                "199538023032157869037437909163117919625",
                "281035373911219828636523423704845789944",
                "134836911006447715844848858788155042871"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2016-5690-0d876578",
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://github.com/imagemagick/imagemagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d",
        "target": {
            "file": "coders/dcm.c"
        }
    },
    {
        "digest": {
            "length": 27156.0,
            "function_hash": "319746287147606933465858284226449158380"
        },
        "id": "CVE-2016-5690-9ac331bb",
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://github.com/imagemagick/imagemagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d",
        "target": {
            "function": "ReadDCMImage",
            "file": "coders/dcm.c"
        }
    }
]
vanir_signatures_modified
"2026-07-11T18:19:14Z"
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-5690.json"

Git / github.com/imagemagick/imagemagick6

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick6
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "cpe": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
    "source": "CPE_RANGE",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.9.4-4"
        }
    ]
}

Affected versions

6.*
6.9.4-0
6.9.4-1
6.9.4-2
6.9.4-3
6.9.4-4

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-5690.json"