SB2017030211 - Fedora 24 update for GraphicsMagick

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017030211

SB2017030211 - Fedora 24 update for GraphicsMagick

Published: March 2, 2017 Updated: April 24, 2025

Security Bulletin ID SB2017030211
Severity
High
Patch available
YES
Number of vulnerabilities 8
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 13% Medium 50% Low 38%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.


1) Heap-based buffer overflow (CVE-ID: CVE-2016-7800)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier. A remote attacker can use a crafted 8BIM chunk to trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Heap-based buffer overflow (CVE-ID: CVE-2016-7996)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier. A remote attacker can use a colormap with a large number of entries. to trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


3) NULL pointer dereference (CVE-ID: CVE-2016-7997)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.


4) Out-of-bounds read (CVE-ID: CVE-2016-8682)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.


5) Buffer overflow (CVE-ID: CVE-2016-8683)

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."


6) Buffer overflow (CVE-ID: CVE-2016-8684)

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."


7) Out-of-bounds read (CVE-ID: CVE-2017-6335)

The vulnerability allows a remote attacker to gain access to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the coders/tiff.c function in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value file. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the affected application.


8) Input validation error (CVE-ID: CVE-2016-9830)

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.


Remediation

Install update from vendor's website.

References