← back
CVE-2016-9298

CVE-2016-9298

EPSS 1.9%
Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/ImageMagick/ImageMagick/commit/3cbfb163cff9e5b8cdeace8312e9bfee810ed02bhttps://github.com/ImageMagick/ImageMagick/issues/296https://security.gentoo.org/glsa/201702-09http://www.openwall.com/lists/oss-security/2016/11/13/1http://www.openwall.com/lists/oss-security/2016/11/14/10http://www.securityfocus.com/bid/94310