CVE-2016-7537

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-7537
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7537.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-7537
Downstream
Related
Published
2017-04-19T14:59:00Z
Modified
2025-10-15T08:24:35.870214Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
424d40ebfcde48bb872eba75179d3d73704fdf1f
Fixed
6d202a0514fb6a406456b8b728cde776becb25f8
Type
GIT
Repo
https://github.com/imagemagick/imagemagick6
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
a538ee5896a59f1bc51531e3f35ffdb0671c112c

Affected versions

6.*

6.9.4-0
6.9.4-1
6.9.4-2
6.9.4-3
6.9.4-4
6.9.4-5
6.9.4-6

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://github.com/imagemagick/imagemagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f",
        "signature_version": "v1",
        "target": {
            "function": "ReadPDBImage",
            "file": "coders/pdb.c"
        },
        "digest": {
            "function_hash": "245536443729321638560811208393373091588",
            "length": 7557.0
        },
        "id": "CVE-2016-7537-241f6354"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://github.com/imagemagick/imagemagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f",
        "signature_version": "v1",
        "target": {
            "file": "coders/pdb.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "195700213878708739584973953263929834037",
                "127001390545350096127509089342134958571",
                "312976296321682822423035955611770155602",
                "43458563508831390649841306290342822136",
                "69377026283781199174783257933334413643",
                "213684838069987441547577077261062337348",
                "185718187328265257773756574811842688345",
                "193759546867080745124346092111811069674"
            ]
        },
        "id": "CVE-2016-7537-771cb203"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://github.com/imagemagick/imagemagick6/commit/a538ee5896a59f1bc51531e3f35ffdb0671c112c",
        "signature_version": "v1",
        "target": {
            "file": "magick/compare.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "256170426374730791316723891306030411744",
                "179287232330675478699640603698197626783",
                "10008791069601683299363072325000413196",
                "156687224869112407250469545581865055717"
            ]
        },
        "id": "CVE-2016-7537-7cc01ee0"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://github.com/imagemagick/imagemagick6/commit/a538ee5896a59f1bc51531e3f35ffdb0671c112c",
        "signature_version": "v1",
        "target": {
            "function": "CompareImageChannels",
            "file": "magick/compare.c"
        },
        "digest": {
            "function_hash": "208555918494453285310393284817434773997",
            "length": 4531.0
        },
        "id": "CVE-2016-7537-9ef71b70"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://github.com/imagemagick/imagemagick/commit/6d202a0514fb6a406456b8b728cde776becb25f8",
        "signature_version": "v1",
        "target": {
            "function": "ReadPDBImage",
            "file": "coders/pdb.c"
        },
        "digest": {
            "function_hash": "233291386131544965719723058518007056215",
            "length": 7744.0
        },
        "id": "CVE-2016-7537-ad923f70"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://github.com/imagemagick/imagemagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f",
        "signature_version": "v1",
        "target": {
            "function": "WritePDBImage",
            "file": "coders/pdb.c"
        },
        "digest": {
            "function_hash": "253458775475632349623304731944574508586",
            "length": 7066.0
        },
        "id": "CVE-2016-7537-d1b1f3b4"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://github.com/imagemagick/imagemagick/commit/6d202a0514fb6a406456b8b728cde776becb25f8",
        "signature_version": "v1",
        "target": {
            "function": "WritePDBImage",
            "file": "coders/pdb.c"
        },
        "digest": {
            "function_hash": "235532095449566391106186274235310370976",
            "length": 7114.0
        },
        "id": "CVE-2016-7537-e26ed585"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://github.com/imagemagick/imagemagick/commit/6d202a0514fb6a406456b8b728cde776becb25f8",
        "signature_version": "v1",
        "target": {
            "file": "coders/pdb.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "36095984160899530221103092022782392467",
                "127001390545350096127509089342134958571",
                "312976296321682822423035955611770155602",
                "43458563508831390649841306290342822136",
                "69377026283781199174783257933334413643",
                "213684838069987441547577077261062337348",
                "185718187328265257773756574811842688345",
                "193759546867080745124346092111811069674"
            ]
        },
        "id": "CVE-2016-7537-e53ffbd4"
    }
]