CVE-2016-4564
CRITICALImageMagick < 6.9.3-0 - Buffer Overflow in DrawImage Function
Title source: llmDescription
The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
References (3)
Core 3
Core References
Patch x_refsource_confirm
https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950
Various Sources x_refsource_confirm
http://www.imagemagick.org/script/changelog.php
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
Scores
CVSS v3
9.8
EPSS
0.0077
EPSS Percentile
73.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (4)
imagemagick/imagemagick
7.0.0-0
imagemagick/imagemagick
7.0.1-0
imagemagick/imagemagick
7.0.1-1
imagemagick/imagemagick
< 6.9.3-0
Published
Jun 04, 2016
Tracked Since
Feb 18, 2026