Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2016-5689
HistoryDec 13, 2016 - 3:59 p.m.

CVE-2016-5689

2016-12-1315:59:02
CWE-476
mitre
web.nvd.nist.gov
87
imagemagick
cve-2016-5689
dcm reader
remote attacks
null pointer checks
nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.5

Confidence

High

EPSS

0.024

Percentile

90.1%

JSON

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.

Affected configurations

Nvd
Node
oraclesolarisMatch11.3
Node
imagemagickimagemagickRange6.9.4-4
OR
imagemagickimagemagickMatch7.0.1-0
OR
imagemagickimagemagickMatch7.0.1-1
OR
imagemagickimagemagickMatch7.0.1-2
OR
imagemagickimagemagickMatch7.0.1-3
OR
imagemagickimagemagickMatch7.0.1-4
OR
imagemagickimagemagickMatch7.0.1-5
OR
imagemagickimagemagickMatch7.0.1-6
VendorProductVersionCPE
oraclesolaris11.3cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
imagemagickimagemagick*cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
imagemagickimagemagick7.0.1-0cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*
imagemagickimagemagick7.0.1-1cpe:2.3:a:imagemagick:imagemagick:7.0.1-1:*:*:*:*:*:*:*
imagemagickimagemagick7.0.1-2cpe:2.3:a:imagemagick:imagemagick:7.0.1-2:*:*:*:*:*:*:*
imagemagickimagemagick7.0.1-3cpe:2.3:a:imagemagick:imagemagick:7.0.1-3:*:*:*:*:*:*:*
imagemagickimagemagick7.0.1-4cpe:2.3:a:imagemagick:imagemagick:7.0.1-4:*:*:*:*:*:*:*
imagemagickimagemagick7.0.1-5cpe:2.3:a:imagemagick:imagemagick:7.0.1-5:*:*:*:*:*:*:*
imagemagickimagemagick7.0.1-6cpe:2.3:a:imagemagick:imagemagick:7.0.1-6:*:*:*:*:*:*:*

Related

ubuntucve 1
alpinelinux 1
redhatcve 1
nvd 1
prion 1
veracode 1
debiancve 1
cvelist 1
openvas 13
nessus 10
debian 2
osv 2
suse 4
ubuntu 1
ubuntucve
ubuntucve
CVE-2016-5689
2016-06-24 00:00:00
alpinelinux
alpinelinux
CVE-2016-5689
2016-12-13 15:59:02
redhatcve
redhatcve
CVE-2016-5689
2016-06-20 10:18:37
nvd
nvd
CVE-2016-5689
2016-12-13 15:59:02
prion
prion
Null pointer dereference
2016-12-13 15:59:00
veracode
veracode
Unchecked Error Condition
2017-01-31 09:11:09
debiancve
debiancve
CVE-2016-5689
2016-12-13 15:59:02
cvelist
cvelist
CVE-2016-5689
2016-12-13 15:00:00
openvas
openvas
ImageMagick Multiple Unspecified Vulnerabilities - Mac OS X
2016-06-06 00:00:00
ImageMagick Multiple Unspecified Vulnerabilities - Windows
2016-06-06 00:00:00
Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2019-1970)
2020-01-23 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-1970)
2019-09-23 00:00:00
ImageMagick 6.x < 6.9.4-5 / 7.x < 7.0.1-7 Multiple DoS
2016-06-24 00:00:00
Debian DSA-3652-1 : imagemagick - security update
2016-08-26 00:00:00
debian
debian
[SECURITY] [DSA 3652-1] imagemagick security update
2016-08-25 20:53:02
[SECURITY] [DLA 731-1] imagemagick security update
2016-12-02 05:44:49
osv
osv
imagemagick - security update
2016-08-25 00:00:00
imagemagick - security update
2016-12-02 00:00:00
suse
suse
Security update for ImageMagick (important)
2016-07-11 16:08:01
Security update for ImageMagick (important)
2016-07-20 12:09:04
Security update for ImageMagick (important)
2016-07-11 16:26:48
ubuntu
ubuntu
ImageMagick vulnerabilities
2016-11-21 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.5

Confidence

High

EPSS

0.024

Percentile

90.1%

JSON
Related for CVE-2016-5689
ubuntucve1alpinelinux1redhatcve1nvd1prion1veracode1debiancve1cvelist1openvas13nessus10debian2osv2suse4ubuntu1