CVE-2018-16642

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-16642
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-16642.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-16642
Downstream
Related
Published
2018-09-06T22:29:00Z
Modified
2025-10-15T09:24:20.218224Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
cc4ac341f29fa368da6ef01c207deaf8c61f6a2e

Affected versions

7.*

7.0.1-0
7.0.1-1
7.0.1-10
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.0.1-7
7.0.1-8
7.0.1-9
7.0.2-0
7.0.2-1
7.0.2-10
7.0.2-2
7.0.2-3
7.0.2-4
7.0.2-5
7.0.2-6
7.0.2-7
7.0.2-8
7.0.2-9
7.0.3-0
7.0.3-1
7.0.3-10
7.0.3-2
7.0.3-3
7.0.3-4
7.0.3-5
7.0.3-6
7.0.3-7
7.0.3-8
7.0.3-9
7.0.4-0
7.0.4-1
7.0.4-10
7.0.4-2
7.0.4-3
7.0.4-4
7.0.4-5
7.0.4-6
7.0.4-7
7.0.4-8
7.0.4-9
7.0.5-0
7.0.5-1
7.0.5-10
7.0.5-2
7.0.5-3
7.0.5-4
7.0.5-5
7.0.5-6
7.0.5-7
7.0.5-8
7.0.5-9
7.0.6-0
7.0.6-1
7.0.6-2
7.0.6-3
7.0.6-4
7.0.6-5
7.0.6-6
7.0.6-7
7.0.6-8
7.0.6-9
7.0.7-0
7.0.7-1
7.0.7-10
7.0.7-11
7.0.7-12
7.0.7-13
7.0.7-14
7.0.7-15
7.0.7-16
7.0.7-17
7.0.7-18
7.0.7-19
7.0.7-2
7.0.7-20
7.0.7-21
7.0.7-22
7.0.7-23
7.0.7-24
7.0.7-25
7.0.7-26
7.0.7-27
7.0.7-28
7.0.7-29
7.0.7-3
7.0.7-30
7.0.7-31
7.0.7-32
7.0.7-33
7.0.7-34
7.0.7-35
7.0.7-36
7.0.7-37
7.0.7-38
7.0.7-4
7.0.7-5
7.0.7-6
7.0.7-8
7.0.7-9
7.0.7.7

Database specific

vanir_signatures

[
    {
        "id": "CVE-2018-16642-1e09a338",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "coders/cut.c"
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/cc4ac341f29fa368da6ef01c207deaf8c61f6a2e",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "300241611087885807893402881423120301017",
                "233319732431438604094915454378745026554",
                "1121590166619683826650404507143740889",
                "195780326457530436193200552036235776613",
                "209423201584587416006319475595203747533",
                "251894047603090528347342898477986275912",
                "16206041500551614227360404643675103363",
                "181950443314517337213611969778266675112",
                "140146071862453122979714745524725950322",
                "293639656049659381439432883233930061136",
                "53575772935281066248870374081976059711",
                "49194645636644734054965563173279350822",
                "104689859407008510517900176824518387659",
                "287979288517239566299244475921222815993",
                "15872358869704923665298893604362024248",
                "301071719179596027446821342256047135256",
                "137434997058617968267689340924315060606",
                "196061521067393650968981833786146455729",
                "333333900715572240716798278547956172912",
                "16737897415242292915232835434618954817",
                "187583662540136960630633358395375138061",
                "47371794787713767702228522115058655519",
                "252411255145663240791089307256367679861",
                "222598667632007968269040371429135854739",
                "339708303592273743489915389519686590179",
                "264876387884580990492725793130722134169",
                "68323132035293020451231473206172455987",
                "322513020178410997182228097473486817037",
                "289410839400585565763192318277198554595",
                "43173993899836444341701627056823091744",
                "187583662540136960630633358395375138061",
                "47371794787713767702228522115058655519",
                "252411255145663240791089307256367679861",
                "222598667632007968269040371429135854739",
                "153356795560776817648989146904732361328",
                "328157110284421163395166231549752699472",
                "128011503187951768054479910956781153091",
                "57719457282236165344598289275256115148",
                "91794615232585081307222415967885633275",
                "112936055729214281836766600462286239459",
                "119859507861030615548008207091771676094",
                "287979288517239566299244475921222815993",
                "296202915652744921405100257105764390010",
                "247150939643836653841183791585942424054",
                "270312678384849432848536356204767338847",
                "318478266732889627196422765315702091400",
                "145846112849091895567064255129922694306",
                "12255131327767123371150212348402890070",
                "77313091950850806891681230400816348940",
                "253248320211358654936382876870343328340",
                "183684216959104135303207875449504896742",
                "270190729631575020287647143759752328911",
                "77747243084858033652343110018924348495",
                "89857639566810222199887534520611278548",
                "287516083539568745588246816208334205050",
                "157191906144786826536479121613787786908",
                "231825325258064780080579669974263382105",
                "125995880315864881469573225205568883976",
                "162816788286878939916407882233218073834",
                "275561426928581914673352386494985734515",
                "64519255898185507593313106936712998854",
                "77670981584699310824516239408117840999",
                "145846112849091895567064255129922694306",
                "36169188416381811677370631386617192123",
                "257322266318300508533783174089131002607",
                "229694328961901355156115612056634361253",
                "215689255696349223378395526426314181777",
                "143636315560952745453981435542081564905",
                "277732564169362208927961267864321768727",
                "186802482126161271126476162382109598600",
                "152457233170629562880967362894323228534",
                "302854400340853149036966151597928312361",
                "245759460958062258893546067911878137509",
                "174120382879972429160282823612655242720",
                "179240761063923681412823779630710328993",
                "56783227838309711292418830894332671352",
                "321924372463835375804607855746703744259",
                "255926694621379865635632663948107000136",
                "153356795560776817648989146904732361328",
                "328157110284421163395166231549752699472",
                "128011503187951768054479910956781153091",
                "14997039039774458871193866901783393243",
                "243997219802485592358256925634576016308",
                "236596537068076712472181463900416520651",
                "102174861221127255194378833845150991491",
                "287979288517239566299244475921222815993",
                "296202915652744921405100257105764390010",
                "247150939643836653841183791585942424054",
                "28573403460033843666455703446302828096",
                "306965828449882128427334663706805693122",
                "20069288531270529332384677086161229305",
                "220414389342487878076685681929913986398",
                "328248477993612886340354615983913366192",
                "284445912050110576761304320320616747742",
                "298588001092170811727309392177169997410",
                "125995880315864881469573225205568883976",
                "220324646755596423674531789955350532656",
                "214155661553625801673301030682456642760",
                "205013673944664016148626822131574762870",
                "210327947657813045929633275006293052214",
                "20069288531270529332384677086161229305",
                "290973803499210229732759046981798738565",
                "125995880315864881469573225205568883976",
                "225105303296761758330575627004320550960",
                "328157110284421163395166231549752699472",
                "128011503187951768054479910956781153091",
                "125187358286663956617226779219914237298",
                "174315971198274478358783076089725889330",
                "160040418584245929232890342845015769766",
                "26270294137273845852341519625739581760",
                "287979288517239566299244475921222815993",
                "60921811147382253802598517762587807154",
                "144451143742804563505449256426308352256",
                "206021246924141086623802736377337495395",
                "131540090325553696013702860823301096382",
                "318792628919797016999672209022427031831",
                "72892350191242648116391809768417889986",
                "146927875959045420445258450387454530838",
                "188557575712349955984031320441624093571",
                "108572714219283274013254993336862100158",
                "128011503187951768054479910956781153091",
                "31051112002560498441247918079341541535",
                "75407180318704451699303769443305508093",
                "272603350525009630618136922483563968064",
                "162746661378333926093609331049803773936"
            ],
            "threshold": 0.9
        }
    },
    {
        "id": "CVE-2018-16642-954403d1",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "coders/cut.c",
            "function": "InsertRow"
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/cc4ac341f29fa368da6ef01c207deaf8c61f6a2e",
        "signature_type": "Function",
        "digest": {
            "length": 3133.0,
            "function_hash": "90115647829160301438588756295225745046"
        }
    }
]