What is CVE-2016-3716?

CVE-2016-3716 is a low-severity vulnerability in Imagemagick, classified under CWE-264. CVSS score: 3.3/10. Published 2016-05-05.

How severe is CVE-2016-3716?

Low severity. CVSS v3 base score is 3.3 out of 10.

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

CVE-2016-3716

The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.

EPSS: 0.299 (96.7th percentile) — read the EPSS interpretation.

CVSS v3 base score 3.3 (Low). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N.

secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
openSUSE-SU-2016:1266 (vendor-advisory, x_refsource_SUSE)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)
USN-2990-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
openSUSE-SU-2016:1261 (vendor-advisory, x_refsource_SUSE)
20160513 May 2016 - HipChat Server - Critical Security Advisory (mailing-list, x_refsource_BUGTRAQ)
39767 (exploit, x_refsource_EXPLOIT-DB)
SUSE-SU-2016:1260 (vendor-advisory, x_refsource_SUSE)
[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update (mailing-list, x_refsource_MLIST)

What is CVE-2016-3716?: CVE-2016-3716 is a low-severity vulnerability in Imagemagick, classified under CWE-264. CVSS score: 3.3/10. Published 2016-05-05.
How severe is CVE-2016-3716?: Low severity. CVSS v3 base score is 3.3 out of 10.
Is CVE-2016-3716 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.