CVE-2016-6520

9.1 CRITICAL

Published: December 13, 2016 Modified: May 06, 2026

Description

Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://www.imagemagick.org/script/changelog.php

Source: cve@mitre.org

Release Notes Vendor Advisory

http://www.openwall.com/lists/oss-security/2016/08/02/10

Source: cve@mitre.org

Mailing List Patch Third Party Advisory

http://www.openwall.com/lists/oss-security/2016/08/02/6

Source: cve@mitre.org

Mailing List Patch Third Party Advisory

http://www.securitytracker.com/id/1036502

Source: cve@mitre.org

Patch Third Party Advisory VDB Entry

https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6

Source: cve@mitre.org

Patch Third Party Advisory

http://www.imagemagick.org/script/changelog.php