QwikSec

Security Database

CVE

CWE

Training

CVE-2016-2317

Published: Feb 3, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

openSUSE-SU-2016:2073

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2016:1724

vendor-advisory

x_refsource_SUSE

https://bugzilla.redhat.com/show_bug.cgi?id=1306148

x_refsource_CONFIRM

[oss-security] 20160531 Re: Security issues addressed in GraphicsMagick SVG reader

mailing-list

x_refsource_MLIST

vdb-entry

x_refsource_BID

[oss-security] 20160520 Re: ImageMagick Is On Fire -- CVE-2016-3714

mailing-list

x_refsource_MLIST

[oss-security] 20160527 Security issues addressed in GraphicsMagick SVG reader

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_DEBIAN

SUSE-SU-2016:1783

vendor-advisory

x_refsource_SUSE

[oss-security] 20160918 Re: GraphicsMagick 1.3.25 fixes some security issues

mailing-list

x_refsource_MLIST

[oss-security] 20160211 Re: CVE requests: Multiple vulnerabilities in GraphicsMagick parsing and processing SVG files

mailing-list

x_refsource_MLIST

[oss-security] 20160906 GraphicsMagick 1.3.25 fixes some security issues

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.