Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-updates/2016-10/msg00094.html | Third Party Advisory |
http://lists.opensuse.org/opensuse-updates/2016-10/msg00097.html | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2016/09/18/8 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/93074 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=1374233 | Issue Tracking |
https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2017-02-06 17:59
Updated : 2024-02-04 19:11
NVD link : CVE-2016-7446
Mitre link : CVE-2016-7446
CVE.ORG link : CVE-2016-7446
JSON object : View
Products Affected
opensuse
- leap
- opensuse
debian
- debian_linux
graphicsmagick
- graphicsmagick
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer