Candidate: CVE-2016-10070
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10070
http://www.openwall.com/lists/oss-security/2016/12/20/3
Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in
ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of
service (out-of-bounds read and application crash) via a crafted mat file.
mdeslaur> This is 0170-Fix-an-out-of-bound-in-mat-file-handling.patch
https://github.com/ImageMagick/ImageMagick/issues/131
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845246
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366
Discovered-by: Moshe Kaplan
upstream: https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455
upstream_imagemagick: released (8:6.9.6.2+dfsg-2)
precise_imagemagick: released (8:6.6.9.7-5ubuntu3.6)
trusty_imagemagick: released (8:6.7.7.10-6ubuntu3.3)
vivid/stable-phone-overlay_imagemagick: DNE
vivid/ubuntu-core_imagemagick: DNE
xenial_imagemagick: released (8:6.8.9.9-7ubuntu5.3)
yakkety_imagemagick: released (8:6.8.9.9-7ubuntu8.2)
devel_imagemagick: not-affected (8:6.9.6.6+dfsg-1ubuntu3)