CVE-2016-10053

Published: Mar 23, 2017Modified: May 13, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

Affected (1)

Products: Imagemagick: Imagemagick

Imagemagick

1 product

Imagemagick

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Imagemagick Imagemagick	Up to 6.9.5-7

Related CWEs

CWE-369

Divide By Zero

The product divides a value by zero.

References (10)

http://www.openwall.com/lists/oss-security/2016/12/26/9

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/95179

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1410461

Source: cve@mitre.org

Issue TrackingThird Party Advisory

https://github.com/ImageMagick/ImageMagick/commit/728dc6a600cf4cbdac846964c85cc04339db8ac1

Source: cve@mitre.org

PatchVendor Advisory

https://github.com/ImageMagick/ImageMagick/commit/f983dcdf9c178e0cbc49608a78713c5669aa1bb5

Source: cve@mitre.org

Issue TrackingPatchVendor Advisory

http://www.openwall.com/lists/oss-security/2016/12/26/9