CVE-2016-7529

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-7529

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7529.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2016-7529

Downstream

DLA-731-1

DSA-3652-1

SUSE-SU-2016:2667-1

SUSE-SU-2016:2724-1

SUSE-SU-2016:2964-1

UBUNTU-CVE-2016-7529

USN-3131-1

Related

Published

2017-04-19T14:59:00Z

Modified

2025-08-09T20:01:25Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.

References

Affected packages

Debian:11 / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.6.2+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.6.2+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.6.2+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.6.2+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/imagemagick/imagemagick

Affected ranges

Type: GIT
Repo: https://github.com/imagemagick/imagemagick
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a2e1064f288a353bc5fef7f79ccb7683759e775c

Type: GIT
Repo: https://github.com/imagemagick/imagemagick6
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4bae9bed8a79e031884ca9a4681dce89dbd26855

Database specific

{
    "vanir_signatures": [
        {
            "source": "https://github.com/imagemagick/imagemagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2016-7529-090ee1ae",
            "digest": {
                "line_hashes": [
                    "138096241285110294355382627119546480526",
                    "147891001163703980668253038809205849440",
                    "165775697539383860986159665392167547013",
                    "158602795950034484622567181873159251259"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "target": {
                "file": "coders/xcf.c"
            }
        },
        {
            "source": "https://github.com/imagemagick/imagemagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2016-7529-7d0da22c",
            "digest": {
                "function_hash": "56161241447301988927986251681830986047",
                "length": 1597.0
            },
            "signature_type": "Function",
            "target": {
                "function": "load_tile",
                "file": "coders/xcf.c"
            }
        }
    ]
}