vulnerability
Ubuntu: USN-3222-1 (CVE-2016-8707): ImageMagick vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Dec 23, 2016 | Mar 9, 2017 | Mar 27, 2026 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Dec 23, 2016
Added
Mar 9, 2017
Modified
Mar 27, 2026
Description
An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.
Solutions
ubuntu-upgrade-imagemagickubuntu-upgrade-imagemagick-6-q16ubuntu-upgrade-libmagick-4ubuntu-upgrade-libmagick-5ubuntu-upgrade-libmagick-6-q16-5v5ubuntu-upgrade-libmagickcore-6-q16-2ubuntu-upgrade-libmagickcore-6-q16-2-extraubuntu-upgrade-libmagickcore4ubuntu-upgrade-libmagickcore4-extraubuntu-upgrade-libmagickcore5ubuntu-upgrade-libmagickcore5-extra
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.