Lucene search
Veracode Vulnerability DatabaseVERACODE:3635HistoryMar 02, 2017 - 3:19 a.m.
Denial Of Service (DoS) Through Null Pointer Dereference
2017-03-0203:19:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
EPSS
0.014
Percentile
86.6%
ImageMagick is vulnerable to denial of service (DoS) attacks. Attackers can trigger a flaw in coders/tiff.c which allows them to cause a NULL pointer dereference, leading to a crash, using a malformed image file.
References
www.debian.org/security/2016/dsa-3726
www.openwall.com/lists/oss-security/2016/11/19/7
www.openwall.com/lists/oss-security/2016/11/23/4
www.securityfocus.com/bid/94489
blogs.gentoo.org/ago/2016/11/19/imagemagick-null-pointer-must-never-be-null-tiff-c/
github.com/asarubbo/poc/blob/master/00049-imagemagick-pointernerverbenull
github.com/ImageMagick/ImageMagick/commit/b61d35eaccc0a7ddeff8a1c3abfcd0a43ccf210b
github.com/ImageMagick/ImageMagick/issues/298
www.openwall.com/lists/oss-security/2016/11/23/4
Related
redhatcve
redhatcve
CVE-2016-9559
2016-11-24 09:47:42
osv
osv
CVE-2016-9559
2017-03-01 15:59:00
imagemagick - security update
2016-11-26 00:00:00
imagemagick - security update
2016-12-22 00:00:00
ubuntucve
ubuntucve
CVE-2016-9559
2017-03-01 00:00:00
openvas
openvas
ImageMagick Denial of Service Vulnerability (Mar 2017) - Windows
2017-03-09 00:00:00
ImageMagick Denial of Service Vulnerability (Mar 2017) - Mac OS X
2017-03-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:3258-1)
2021-04-19 00:00:00
nvd
nvd
CVE-2016-9559
2017-03-01 15:59:00
nessus
nessus
ImageMagick 7.x < 7.0.3-7 TIFFGetProperties() NULL Pointer Dereference DoS
2016-12-12 00:00:00
ImageMagick 6.x < 6.9.6-5 TIFFGetProperties() NULL Pointer Dereference DoS
2016-12-12 00:00:00
openSUSE Security Update : GraphicsMagick (openSUSE-2016-1415)
2016-12-07 00:00:00
cve
cve
CVE-2016-9559
2017-03-01 15:59:00
debiancve
debiancve
CVE-2016-9559
2017-03-01 15:59:00
prion
prion
Null pointer dereference
2017-03-01 15:59:00
cvelist
cvelist
CVE-2016-9559
2017-03-01 15:00:00
suse
suse
Security update for ImageMagick (important)
2017-01-04 18:07:50
Security update for ImageMagick (important)
2016-12-23 16:09:35
fedora
fedora
[SECURITY] Fedora 26 Update: autotrace-0.31.1-49.fc26
2017-09-19 03:27:15
[SECURITY] Fedora 26 Update: imageinfo-0.05-27.fc26
2017-09-19 03:27:25
[SECURITY] Fedora 26 Update: techne-0.2.3-20.fc26
2017-09-19 03:27:36
mageia
mageia
Updated imagemagick packages fix security vulnerabilities
2018-05-12 09:28:12