CVE-2016-7534

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-7534

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7534.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2016-7534

Downstream

DEBIAN-CVE-2016-7534

DLA-731-1

DSA-3652-1

SUSE-SU-2016:2667-1

UBUNTU-CVE-2016-7534

USN-3131-1

Related

Published

2017-04-20T18:59:01Z

Modified

2025-08-09T20:01:26Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.

References

Affected packages

Debian:11 / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.6.2+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.6.2+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.6.2+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.6.2+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/imagemagick/imagemagick

Affected ranges

Type: GIT
Repo: https://github.com/imagemagick/imagemagick
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

430403b0029b37decf216d57f810899cab2317dd

Type: GIT
Repo: https://github.com/imagemagick/imagemagick6
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4bae9bed8a79e031884ca9a4681dce89dbd26855

Database specific

{
    "vanir_signatures": [
        {
            "source": "https://github.com/imagemagick/imagemagick/commit/430403b0029b37decf216d57f810899cab2317dd",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "279780406492020198224414490192656134076",
                    "165509535835752215352766591678396712978",
                    "334990305530515618625570203835225520717",
                    "310137992936096055742875751060550823519"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "target": {
                "file": "MagickCore/quantum-import.c"
            },
            "signature_type": "Line",
            "id": "CVE-2016-7534-1216b63e"
        },
        {
            "source": "https://github.com/imagemagick/imagemagick/commit/430403b0029b37decf216d57f810899cab2317dd",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "150582313391060383145888422678946241836",
                    "12343739742083704658476233993916836135",
                    "96510333725124992445103655415430258783",
                    "113453668309720226725036070704100361706",
                    "335491287456092087381507670849991034850",
                    "258442965066169845516182669581399808051",
                    "200435981484735651067277580428268406837"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "target": {
                "file": "MagickCore/quantum.c"
            },
            "signature_type": "Line",
            "id": "CVE-2016-7534-5d681d84"
        },
        {
            "source": "https://github.com/imagemagick/imagemagick/commit/430403b0029b37decf216d57f810899cab2317dd",
            "deprecated": false,
            "digest": {
                "function_hash": "315889846857341210545013850726621622347",
                "length": 818.0
            },
            "signature_version": "v1",
            "target": {
                "function": "GetQuantumExtent",
                "file": "MagickCore/quantum.c"
            },
            "signature_type": "Function",
            "id": "CVE-2016-7534-a695ed33"
        }
    ]
}