CyberSec.Space Logo
Back to CVE Browser

CVE-2016-7996

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0020%
EPSS Percentile12.77th
PublishedJan 18, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.

Affected Platforms (CPE)

πŸ“¦
Graphicsmagick

Graphicsmagick

<= 1.3.25

References & Advisories

πŸ”— http://www.debian.org/security/2016/dsa-3746
πŸ”— http://www.openwall.com/lists/oss-security/2016/10/07/4
πŸ”— http://www.openwall.com/lists/oss-security/2016/10/08/5
πŸ”— http://www.securityfocus.com/bid/93464
πŸ”— http://www.debian.org/security/2016/dsa-3746
πŸ”— http://www.openwall.com/lists/oss-security/2016/10/07/4
πŸ”— http://www.openwall.com/lists/oss-security/2016/10/08/5
πŸ”— http://www.securityfocus.com/bid/93464

Related Vulnerabilities

CVE-2008-607110.0

Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, a...

CVE-2017-116379.8

GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome i...

CVE-2017-111399.8

GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c.

CVE-2017-116369.8

GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that hav...