DEBIAN-CVE-2017-16352

DEBIAN-CVE-2017-16352 PUBLISHED CVSS 8.800000190734863 HIGH

GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.

Risk Scores

CVSS v3.0

8.800000190734863

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Debian:11	graphicsmagick	0, 0, 0
Debian:12	graphicsmagick	0, 0, 0
Debian	graphicsmagick
Debian:13	graphicsmagick	0, 0, 0
Debian:14	graphicsmagick	0, 0, 0

Timeline

Nov 1, 2017 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2017-16352 advisory

Open in Interactive Console →