{"id":"CVE-2016-7539","details":"Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.","modified":"2026-04-11T05:00:56.169626Z","published":"2017-07-25T14:29:00.253Z","related":["SUSE-SU-2016:2667-1"],"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/93232"},{"type":"FIX","url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833101"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1378776"},{"type":"FIX","url":"https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c"},{"type":"FIX","url":"http://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=28946"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2016/09/22/2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/imagemagick/imagemagick","events":[{"introduced":"0"},{"fixed":"4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c"}]},{"type":"GIT","repo":"https://github.com/imagemagick/imagemagick6","events":[{"introduced":"0"},{"last_affected":"16d6df393b07abfae4161c567c3cb386b65e309b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"6.9.9-3"}]}}],"versions":["6.9.4-0","6.9.4-1","6.9.4-10","6.9.4-2","6.9.4-3","6.9.4-4","6.9.4-5","6.9.4-6","6.9.4-7","6.9.4-8","6.9.4-9","6.9.5-0","6.9.5-1","6.9.5-10","6.9.5-2","6.9.5-3","6.9.5-4","6.9.5-5","6.9.5-6","6.9.5-7","6.9.5-8","6.9.5-9","6.9.6-0","6.9.6-1","6.9.6-2","6.9.6-3","6.9.6-4","6.9.6-5","6.9.6-6","6.9.6-7","6.9.6-8","6.9.7-0","6.9.7-1","6.9.7-10","6.9.7-2","6.9.7-3","6.9.7-4","6.9.7-5","6.9.7-6","6.9.7-7","6.9.7-8","6.9.7-9","6.9.8-0","6.9.8-1","6.9.8-10","6.9.8-2","6.9.8-3","6.9.8-4","6.9.8-5","6.9.8-6","6.9.8-7","6.9.8-8","6.9.8-9","6.9.9-0","6.9.9-1","6.9.9-2","6.9.9-3"],"database_specific":{"vanir_signatures_modified":"2026-04-11T05:00:56Z","vanir_signatures":[{"deprecated":false,"signature_version":"v1","id":"CVE-2016-7539-18ce6e0c","target":{"file":"magick/cache.c","function":"OpenPixelCache"},"signature_type":"Function","digest":{"function_hash":"2235505589031384017827335457312008253","length":7392},"source":"https://github.com/imagemagick/imagemagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c"},{"deprecated":false,"signature_version":"v1","id":"CVE-2016-7539-2afce535","target":{"file":"magick/cache.c","function":"AllocatePixelCachePixels"},"signature_type":"Function","digest":{"function_hash":"246867006780945524853100790412864302142","length":338},"source":"https://github.com/imagemagick/imagemagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c"},{"deprecated":false,"signature_version":"v1","id":"CVE-2016-7539-fc65bc25","target":{"file":"magick/cache.c"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["40019894174321119446525151640192041204","26138887533552274854087949693450021858","89576766977506816275174459938593855357","156243666578442858963457837425925241744","48335167998963239311417172096958283061","304155805631621239438706497370244831381","156024217659521011766495039618397425713","58180297301696353380579126802614758895","248097936147814999490615476446330653091","262499192644320393878337617475380781242","54835938520203348950267039336530503928","69893041412723663130820714926635632358","277143947921129977134509999652766694300","110053689241216975347352403998695085874","242324442816331555525333867748810950154","196086803001180413687104663068961008033","27356018661227008913016502212655771494","38646085332609558889758227904897968950","147639160214037685769476399768827272264"]},"source":"https://github.com/imagemagick/imagemagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7539.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}