{"id":"CVE-2016-4564","details":"The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.","modified":"2026-05-14T04:00:28.165110252Z","published":"2016-06-04T16:59:02.563Z","related":["SUSE-SU-2016:1782-1","SUSE-SU-2016:1784-1"],"database_specific":{"unresolved_ranges":[{"cpe":"cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"6.9.3-0"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:a:imagemagick:imagemagick:7.0.0-0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"7.0.0-0"}],"source":"CPE_FIELD"}]},"references":[{"type":"WEB","url":"http://www.imagemagick.org/script/changelog.php"},{"type":"WEB","url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"},{"type":"FIX","url":"https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/imagemagick/imagemagick","events":[{"introduced":"0"},{"last_affected":"e46b7d19de7914881986ef939f690facc7a0198d"},{"last_affected":"044a9bc056a8e0a7979009b41901e97640626257"}],"database_specific":{"cpe":["cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*","cpe:2.3:a:imagemagick:imagemagick:7.0.1-1:*:*:*:*:*:*:*"],"extracted_events":[{"introduced":"0"},{"last_affected":"7.0.1-0"},{"last_affected":"7.0.1-1"}],"source":"CPE_FIELD"}}],"versions":["7.0.1-1","7.0.1-0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-4564.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}