UBUNTU-CVE-2016-8866

Source
https://ubuntu.com/security/CVE-2016-8866
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-8866.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2016-8866
Related
Published
2017-02-15T19:59:00Z
Modified
2017-02-15T19:59:00Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.

References

Affected packages

Ubuntu:Pro:14.04:LTS / imagemagick

Package

Name
imagemagick
Purl
pkg:deb/ubuntu/imagemagick?arch=src?distro=trusty/esm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

8:6.*

8:6.7.7.10-5ubuntu3
8:6.7.7.10-5ubuntu4
8:6.7.7.10-6ubuntu1
8:6.7.7.10-6ubuntu2
8:6.7.7.10-6ubuntu3
8:6.7.7.10-6ubuntu3.1
8:6.7.7.10-6ubuntu3.2
8:6.7.7.10-6ubuntu3.3
8:6.7.7.10-6ubuntu3.4
8:6.7.7.10-6ubuntu3.5
8:6.7.7.10-6ubuntu3.6
8:6.7.7.10-6ubuntu3.7
8:6.7.7.10-6ubuntu3.8
8:6.7.7.10-6ubuntu3.9
8:6.7.7.10-6ubuntu3.11
8:6.7.7.10-6ubuntu3.12
8:6.7.7.10-6ubuntu3.13
8:6.7.7.10-6ubuntu3.13+esm1
8:6.7.7.10-6ubuntu3.13+esm2
8:6.7.7.10-6ubuntu3.13+esm3
8:6.7.7.10-6ubuntu3.13+esm4
8:6.7.7.10-6ubuntu3.13+esm5
8:6.7.7.10-6ubuntu3.13+esm6
8:6.7.7.10-6ubuntu3.13+esm7
8:6.7.7.10-6ubuntu3.13+esm8
8:6.7.7.10-6ubuntu3.13+esm9

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:16.04:LTS / imagemagick

Package

Name
imagemagick
Purl
pkg:deb/ubuntu/imagemagick?arch=src?distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

8:6.*

8:6.8.9.9-5ubuntu2
8:6.8.9.9-6
8:6.8.9.9-6build1
8:6.8.9.9-7
8:6.8.9.9-7ubuntu1
8:6.8.9.9-7ubuntu2
8:6.8.9.9-7ubuntu3
8:6.8.9.9-7ubuntu4
8:6.8.9.9-7ubuntu5
8:6.8.9.9-7ubuntu5.1
8:6.8.9.9-7ubuntu5.2
8:6.8.9.9-7ubuntu5.3
8:6.8.9.9-7ubuntu5.4
8:6.8.9.9-7ubuntu5.5
8:6.8.9.9-7ubuntu5.6
8:6.8.9.9-7ubuntu5.7
8:6.8.9.9-7ubuntu5.8
8:6.8.9.9-7ubuntu5.9
8:6.8.9.9-7ubuntu5.11
8:6.8.9.9-7ubuntu5.12
8:6.8.9.9-7ubuntu5.13
8:6.8.9.9-7ubuntu5.14
8:6.8.9.9-7ubuntu5.15
8:6.8.9.9-7ubuntu5.16
8:6.8.9.9-7ubuntu5.16+esm1
8:6.8.9.9-7ubuntu5.16+esm2
8:6.8.9.9-7ubuntu5.16+esm3
8:6.8.9.9-7ubuntu5.16+esm4
8:6.8.9.9-7ubuntu5.16+esm5
8:6.8.9.9-7ubuntu5.16+esm6
8:6.8.9.9-7ubuntu5.16+esm7
8:6.8.9.9-7ubuntu5.16+esm8
8:6.8.9.9-7ubuntu5.16+esm9
8:6.8.9.9-7ubuntu5.16+esm10

Ecosystem specific

{
    "ubuntu_priority": "medium"
}