| ID |
CVE-2016-2318
|
| Summary |
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.23:*:*:*:*:*:*:*
cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.23:*:*:*:*:*:*:*
-
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
-
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
-
cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*
cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*
-
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
-
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
-
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
|
| CVSS |
| Base: | 4.3 (as of 30-10-2018 - 16:27) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-476 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
| refmap
via4
|
| bid | 83241 | | confirm | https://bugzilla.redhat.com/show_bug.cgi?id=1306148 | | debian | DSA-3746 | | mlist | - [oss-security] 20160211 Re: CVE requests: Multiple vulnerabilities in GraphicsMagick parsing and processing SVG files
- [oss-security] 20160527 Security issues addressed in GraphicsMagick SVG reader
- [oss-security] 20160531 Re: Security issues addressed in GraphicsMagick SVG reader
- [oss-security] 20160906 GraphicsMagick 1.3.25 fixes some security issues
- [oss-security] 20160918 Re: GraphicsMagick 1.3.25 fixes some security issues
| | suse | - SUSE-SU-2016:1783
- openSUSE-SU-2016:1724
- openSUSE-SU-2016:2073
|
|
| Last major update |
30-10-2018 - 16:27 |
| Published |
03-02-2017 - 15:59 |
| Last modified |
30-10-2018 - 16:27 |
