CVE-2016-7101

The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type

GIT

Repo

https://github.com/imagemagick/imagemagick

Events

Introduced

Fixed

104b6c96a4d7cd159f234a8f8fa1b4649b1d7286

Fixed

7afcf9f71043df15508e46f079387bd4689a738d

Fixed

8f8959033e4e59418d6506b345829af1f7a71127

Database specific

{
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "7.0.0-0"
        },
        {
            "fixed": "7.0.2-10"
        }
    ],
    "cpe": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*"
}

Affected versions

7.*

7.0.1-0

7.0.1-1

7.0.1-10

7.0.1-2

7.0.1-3

7.0.1-4

7.0.1-5

7.0.1-6

7.0.1-7

7.0.1-8

7.0.1-9

7.0.2-0

7.0.2-1

7.0.2-2

7.0.2-3

7.0.2-4

7.0.2-5

7.0.2-6

7.0.2-7

7.0.2-8

7.0.2-9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7101.json"

Git / github.com/imagemagick/imagemagick6

Affected ranges

Type

GIT

Repo

https://github.com/imagemagick/imagemagick6

Events

Introduced

Fixed

a1f20bada73d7bc3caeb0848cbfb8f2e47cdeb82

Database specific

{
    "source": "CPE_RANGE",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "6.9.5-8"
        }
    ],
    "cpe": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*"
}

Affected versions

6.*

6.9.4-0

6.9.4-1

6.9.4-10

6.9.4-2

6.9.4-3

6.9.4-4

6.9.4-5

6.9.4-6

6.9.4-7

6.9.4-8

6.9.4-9

6.9.5-0

6.9.5-1

6.9.5-2

6.9.5-3

6.9.5-4

6.9.5-5

6.9.5-6

6.9.5-7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7101.json"