CVE-2016-9298

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-9298
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9298.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-9298
Downstream
Published
2017-01-27T22:59:01.897Z
Modified
2026-05-14T12:18:21.708420Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e46b7d19de7914881986ef939f690facc7a0198d
Last affected
044a9bc056a8e0a7979009b41901e97640626257
Last affected
f67a61425f27009d4ac16a62e31758e5af3a7226
Last affected
1a5fed605982a1a20e8e9bd57502e2ce94d7dc3e
Last affected
ac72d94febc1744579bad2646685a2054c087594
Last affected
580b68fc398b9bf7ec1a025524f294ce76fcf521
Last affected
8af0c7343af5ecda6a99611333321ca283ae505a
Last affected
59ff8f4d216c030529c39fbefbd13fed45a29c63
Last affected
fe4eecee8c4942cb836bc63f79ed5eaa39069f69
Last affected
3cf86f2d1d1ef36d99879c6e5d206138a72e156a
Last affected
2615e69b7e7d72e3bd5eef828708d08d1490b7fe
Last affected
25ea4de824468525f809ed1d62946626cb6e8aa6
Last affected
01588fbdd5469847e919b472e8bfbd69bef0d652
Last affected
b260eaadf2c72ffbe5a598e46ef6cee15fd2548f
Last affected
c3e69b0b7c24534f14cf604304324d01b082833a
Last affected
5cbdc8e011effc2ca5d2c6f15377263105c152a2
Last affected
98f90370b548e09494b1ee5c05d03e19d6e476af
Last affected
b3faa0890ca53b2b728d3eea0710ca58dfa7d3d3
Last affected
d67c907006d990429cd0979873251faff01fbb0a
Last affected
b6d827bb2dc5aff7b731e4f15f979090cb2a352a
Last affected
72fc458e010f709b5383baba6dc736d8cd60188f
Last affected
104b6c96a4d7cd159f234a8f8fa1b4649b1d7286
Last affected
faccddce0f6cb1e22df9d558b446a17f912e906d
Last affected
3448b33066a13a5d51dce90ffd083a6106f43e40
Last affected
ebaa1ec6e56b04ea7b625f2eb28957d3bf9d75d8
Last affected
28b7715cc32e487462782f6e4ad5bf4aeb239a66
Last affected
83da034c73811a457239b0de644bdad0e3d64360
Last affected
9e6e0ce4590fd97d980aa9505dde1031b076ea14
Database specific 
{
    "cpe": [
        "cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.1-1:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.1-2:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.1-3:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.1-4:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.1-5:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.1-6:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.1-7:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.1-8:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.1-9:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.1-10:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.2-0:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.2-1:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.2-2:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.2-3:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.2-4:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.2-5:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.2-6:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.2-7:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.2-8:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.2-9:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.2-10:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.3-0:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.3-1:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.3-2:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.3-3:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.3-4:*:*:*:*:*:*:*",
        "cpe:2.3:a:imagemagick:imagemagick:7.0.3-5:*:*:*:*:*:*:*"
    ],
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.1-0"
        },
        {
            "last_affected": "7.0.1-1"
        },
        {
            "last_affected": "7.0.1-2"
        },
        {
            "last_affected": "7.0.1-3"
        },
        {
            "last_affected": "7.0.1-4"
        },
        {
            "last_affected": "7.0.1-5"
        },
        {
            "last_affected": "7.0.1-6"
        },
        {
            "last_affected": "7.0.1-7"
        },
        {
            "last_affected": "7.0.1-8"
        },
        {
            "last_affected": "7.0.1-9"
        },
        {
            "last_affected": "7.0.1-10"
        },
        {
            "last_affected": "7.0.2-0"
        },
        {
            "last_affected": "7.0.2-1"
        },
        {
            "last_affected": "7.0.2-2"
        },
        {
            "last_affected": "7.0.2-3"
        },
        {
            "last_affected": "7.0.2-4"
        },
        {
            "last_affected": "7.0.2-5"
        },
        {
            "last_affected": "7.0.2-6"
        },
        {
            "last_affected": "7.0.2-7"
        },
        {
            "last_affected": "7.0.2-8"
        },
        {
            "last_affected": "7.0.2-9"
        },
        {
            "last_affected": "7.0.2-10"
        },
        {
            "last_affected": "7.0.3-0"
        },
        {
            "last_affected": "7.0.3-1"
        },
        {
            "last_affected": "7.0.3-2"
        },
        {
            "last_affected": "7.0.3-3"
        },
        {
            "last_affected": "7.0.3-4"
        },
        {
            "last_affected": "7.0.3-5"
        }
    ]
}

Affected versions

7.*
7.0.1-0
7.0.1-1
7.0.1-10
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.0.1-7
7.0.1-8
7.0.1-9
7.0.2-0
7.0.2-1
7.0.2-10
7.0.2-2
7.0.2-3
7.0.2-4
7.0.2-5
7.0.2-6
7.0.2-7
7.0.2-8
7.0.2-9
7.0.3-0
7.0.3-1
7.0.3-2
7.0.3-3
7.0.3-4
7.0.3-5

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9298.json"

Git / github.com/imagemagick/imagemagick6

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick6
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1d480d32938443a10dbdacfa77a4c6bfa93e623f
Database specific 
{
    "cpe": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.9.6-3"
        }
    ]
}

Affected versions

6.*
6.9.4-0
6.9.4-1
6.9.4-10
6.9.4-2
6.9.4-3
6.9.4-4
6.9.4-5
6.9.4-6
6.9.4-7
6.9.4-8
6.9.4-9
6.9.5-0
6.9.5-1
6.9.5-10
6.9.5-2
6.9.5-3
6.9.5-4
6.9.5-5
6.9.5-6
6.9.5-7
6.9.5-8
6.9.5-9
6.9.6-0
6.9.6-1
6.9.6-2
6.9.6-3

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9298.json"