CVE-2016-5691

Published: 12/13/2016 Last updated: 8/6/2024 Reserved: 6/16/2016

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (2)

conf-libMagickCore ocsigen-start

Products affected (1)

Product	Vendor	Version
n/a	n/a	Snapdragon AR2 Gen 1 Platform

References (16)

http://www.securityfocus.com/bid/91283
https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html
https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog
https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog
http://www.openwall.com/lists/oss-security/2016/06/17/3
http://www.openwall.com/lists/oss-security/2016/06/14/5
http://www.securityfocus.com/bid/91283
https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html
https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog
https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog
http://www.openwall.com/lists/oss-security/2016/06/17/3
http://www.openwall.com/lists/oss-security/2016/06/14/5