{"id":"CVE-2017-16546","details":"The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.","modified":"2026-07-08T15:10:43.119830Z","published":"2017-11-05T22:29:00.230Z","related":["SUSE-SU-2017:3378-1","SUSE-SU-2017:3388-1","SUSE-SU-2017:3435-1"],"database_specific":{"unresolved_ranges":[{"extracted_events":[{"introduced":"14.04"},{"last_affected":"14.04"},{"introduced":"16.04"},{"last_affected":"16.04"},{"introduced":"17.10"},{"last_affected":"17.10"},{"introduced":"18.04"},{"last_affected":"18.04"}],"source":"CPE_STRING","vendor_product":"canonical:ubuntu_linux","cpes":["cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"]},{"extracted_events":[{"introduced":"8.0"},{"last_affected":"8.0"},{"introduced":"9.0"},{"last_affected":"9.0"}],"source":"CPE_STRING","vendor_product":"debian:debian_linux","cpes":["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}]},"references":[{"type":"ADVISORY","url":"https://usn.ubuntu.com/3681-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-4040"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-4074"},{"type":"REPORT","url":"https://github.com/ImageMagick/ImageMagick/commit/e04cf3e9524f50ca336253513d977224e083b816"},{"type":"FIX","url":"https://github.com/ImageMagick/ImageMagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53"},{"type":"FIX","url":"https://github.com/ImageMagick/ImageMagick/issues/851"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/imagemagick/imagemagick","events":[{"introduced":"b964b20847be9015699bdb59b6431cf1101806ad"},{"last_affected":"b964b20847be9015699bdb59b6431cf1101806ad"},{"fixed":"2130bf6f89ded32ef0c88a11694f107c52566c53"},{"fixed":"e04cf3e9524f50ca336253513d977224e083b816"}],"database_specific":{"source":["CPE_STRING","REFERENCES"],"extracted_events":[{"introduced":"7.0.7-9"},{"last_affected":"7.0.7-9"}],"cpe":"cpe:2.3:a:imagemagick:imagemagick:7.0.7-9:*:*:*:*:*:*:*"}}],"versions":["7.0.7-9"],"database_specific":{"vanir_signatures":[{"id":"CVE-2017-16546-1a59bbd4","digest":{"threshold":0.9,"line_hashes":["239037879911661576146958638240697473991","6775137549662369651095735069313677055","230263286374246415018531447678239154621","167777559930016920714550450146410033513"]},"source":"https://github.com/imagemagick/imagemagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53","signature_version":"v1","signature_type":"Line","target":{"file":"coders/wpg.c"},"deprecated":false},{"id":"CVE-2017-16546-71e01bf3","digest":{"length":12071,"function_hash":"120950539745086131144898489314772176044"},"source":"https://github.com/imagemagick/imagemagick/commit/e04cf3e9524f50ca336253513d977224e083b816","signature_version":"v1","signature_type":"Function","target":{"function":"ReadWPGImage","file":"coders/wpg.c"},"deprecated":false},{"id":"CVE-2017-16546-9dbc3eb1","digest":{"length":12161,"function_hash":"45674372341530071912301067453092590117"},"source":"https://github.com/imagemagick/imagemagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53","signature_version":"v1","signature_type":"Function","target":{"function":"ReadWPGImage","file":"coders/wpg.c"},"deprecated":false},{"id":"CVE-2017-16546-b18edb87","digest":{"threshold":0.9,"line_hashes":["6775137549662369651095735069313677055","230263286374246415018531447678239154621","265662654767131670731158258118047212943","328812252873929144357777357305708714005"]},"source":"https://github.com/imagemagick/imagemagick/commit/e04cf3e9524f50ca336253513d977224e083b816","signature_version":"v1","signature_type":"Line","target":{"file":"coders/wpg.c"},"deprecated":false}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16546.json","vanir_signatures_modified":"2026-07-08T15:10:43Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}