CVE-2016-8707 Vulnerability Details

  /     /     /  

CVE-2016-8707 Metadata Quick Info

CVE Published: 23/12/2016 | CVE Updated: 06/08/2024 | CVE Year: 2016
Source: talos | Vendor: n/a | Product: ImageMagick 7.0.3-1
Status : PUBLISHED

---

CVE-2016-8707 Description

An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks\'s convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: out-of-bounds write
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).