vulnerability

Oracle Solaris 11: CVE-2016-8707: Vulnerability in ImageMagick

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Dec 23, 2016	May 29, 2017	Dec 15, 2022

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Dec 23, 2016

Added

May 29, 2017

Modified

Dec 15, 2022

Description

An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.

Solution

oracle-solaris-11-3-upgrade-image-imagemagick-6-9-7-4-0-175-3-18-0-1-0

References

BID-94727
CVE-2016-8707
https://attackerkb.com/topics/CVE-2016-8707
DEBIAN-DSA-3799
URL-https://support.oracle.com/epmos/faces/DocumentDisplay?id=1448883.1&displayIndex=1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today