AVG-40

Package imagemagick
Status Fixed
Severity High
Type multiple issues
Affected 6.9.5.10-1
Fixed 6.9.6.0-1
Current 7.0.8.2-2 [extra]
Ticket None
Created Sun Oct 2 17:39:58 2016
Issue Severity Remote Type Description
CVE-2016-7906 High Yes Arbitrary code execution
An attacker is able to trigger a use-after-free when providing a crafted image to ImageMagick's mogrify function.
CVE-2016-7799 Medium Yes Denial of service
A buffer over-read vulnerability was found in ImageMagick. A malicious file could cause the application to crash.
Date Advisory Package Description
08 Oct 2016 ASA-201610-6 imagemagick multiple issues