Vulnerability Change Records for CVE-2016-3714

Change History

CVE Modified by MITRE 10/09/2018 3:59:54 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/archive/1/538378/100/0/threaded [No Types Assigned]
Removed Reference
http://www.securityfocus.com/archive/1/archive/1/538378/100/0/threaded [No Types Assigned]

								
						

CVE Modified by Source 10/03/2016 10:8:09 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Initial CVE Analysis 5/06/2016 1:34:07 PM

Action Type Old Value New Value

CVE Modified by MITRE 9/06/2017 9:29:03 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.exploit-db.com/exploits/39767/ [No Types Assigned]

CVE Modified by MITRE 11/03/2017 9:29:19 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.debian.org/security/2016/dsa-3746 [No Types Assigned]

Modified Analysis 5/06/2016 4:24:11 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*
          *cpe:2.3:a:imagemagick:imagemagick:7.0.0-0:*:*:*:*:*:*:*
          *cpe:2.3:a:imagemagick:imagemagick:6.9.3-9:*:*:*:*:*:*:* (and previous)
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3

								
							
							
						
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-20
Changed Reference Type
http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog No Types Assigned
http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog Patch
Changed Reference Type
https://imagetragick.com/ No Types Assigned
https://imagetragick.com/ Advisory
Changed Reference Type
https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588 No Types Assigned
https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588 Advisory
Changed Reference Type
https://www.imagemagick.org/script/changelog.php No Types Assigned
https://www.imagemagick.org/script/changelog.php Advisory

CVE Modified by Source 6/20/2016 9:59:37 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.ubuntu.com/usn/USN-2990-1

Modified Analysis 4/15/2019 9:29:58 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
OR
     *cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00041.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00041.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html Third Party Advisory
Changed Reference Type
http://packetstormsecurity.com/files/152364/ImageTragick-ImageMagick-Proof-Of-Concepts.html No Types Assigned
http://packetstormsecurity.com/files/152364/ImageTragick-ImageMagick-Proof-Of-Concepts.html Third Party Advisory, VDB Entry
Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0726.html No Types Assigned
http://rhn.redhat.com/errata/RHSA-2016-0726.html Third Party Advisory
Changed Reference Type
http://www.debian.org/security/2016/dsa-3580 No Types Assigned
http://www.debian.org/security/2016/dsa-3580 Third Party Advisory
Changed Reference Type
http://www.debian.org/security/2016/dsa-3746 No Types Assigned
http://www.debian.org/security/2016/dsa-3746 Third Party Advisory
Changed Reference Type
http://www.openwall.com/lists/oss-security/2016/05/03/13 No Types Assigned
http://www.openwall.com/lists/oss-security/2016/05/03/13 Mailing List
Changed Reference Type
http://www.openwall.com/lists/oss-security/2016/05/03/18 No Types Assigned
http://www.openwall.com/lists/oss-security/2016/05/03/18 Mailing List
Changed Reference Type
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html No Types Assigned
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html No Types Assigned
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html Third Party Advisory
Changed Reference Type
http://www.rapid7.com/db/modules/exploit/unix/fileformat/imagemagick_delegate No Types Assigned
http://www.rapid7.com/db/modules/exploit/unix/fileformat/imagemagick_delegate Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/archive/1/538378/100/0/threaded No Types Assigned
http://www.securityfocus.com/archive/1/538378/100/0/threaded Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securityfocus.com/bid/89848 No Types Assigned
http://www.securityfocus.com/bid/89848 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id/1035742 No Types Assigned
http://www.securitytracker.com/id/1035742 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568 No Types Assigned
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568 Third Party Advisory
Changed Reference Type
http://www.ubuntu.com/usn/USN-2990-1 No Types Assigned
http://www.ubuntu.com/usn/USN-2990-1 Third Party Advisory
Changed Reference Type
https://access.redhat.com/security/vulnerabilities/2296071 No Types Assigned
https://access.redhat.com/security/vulnerabilities/2296071 Third Party Advisory
Changed Reference Type
https://bugzilla.redhat.com/show_bug.cgi?id=1332492 No Types Assigned
https://bugzilla.redhat.com/show_bug.cgi?id=1332492 Issue Tracking
Changed Reference Type
https://security.gentoo.org/glsa/201611-21 No Types Assigned
https://security.gentoo.org/glsa/201611-21 Third Party Advisory
Changed Reference Type
https://www.exploit-db.com/exploits/39767/ No Types Assigned
https://www.exploit-db.com/exploits/39767/ Third Party Advisory, VDB Entry
Changed Reference Type
https://www.exploit-db.com/exploits/39791/ No Types Assigned
https://www.exploit-db.com/exploits/39791/ Third Party Advisory, VDB Entry
Changed Reference Type
https://www.kb.cert.org/vuls/id/250519 US Government Resource
https://www.kb.cert.org/vuls/id/250519 Third Party Advisory, US Government Resource

CVE Modified by MITRE 4/03/2019 3:29:00 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://packetstormsecurity.com/files/152364/ImageTragick-ImageMagick-Proof-Of-Concepts.html [No Types Assigned]

CVE Modified by MITRE 11/30/2016 10:10:07 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00041.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html [No Types Assigned]
Added Reference

								
							
							
						
http://www.debian.org/security/2016/dsa-3580 [No Types Assigned]
Added Reference

								
							
							
						
http://www.rapid7.com/db/modules/exploit/unix/fileformat/imagemagick_delegate [No Types Assigned]
Added Reference

								
							
							
						
http://www.securityfocus.com/archive/1/archive/1/538378/100/0/threaded [No Types Assigned]
Added Reference

								
							
							
						
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568 [No Types Assigned]
Added Reference

								
							
							
						
https://www.exploit-db.com/exploits/39791/ [No Types Assigned]

CVE Modified by Source 7/13/2016 10:0:54 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2016-0726.html

CVE Modified by MITRE 6/30/2017 9:29:44 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.gentoo.org/glsa/201611-21 [No Types Assigned]

CVE Modified by Source 9/22/2016 9:59:55 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

CVE Modified by MITRE 12/27/2016 9:59:30 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/89848 [No Types Assigned]