Secunia
Login
|
|
CVE Reference: CVE-2012-1185 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2012-1185 |
|
|
Description: Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/76140 UBUNTU http://ubuntu.com/usn/usn-1435-1 SUSE http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html SAID Secunia Advisory: SA47926 Secunia Advisory: SA48974 Secunia Advisory: SA49043 Secunia Advisory: SA49317 OSVDB 80556 MLIST http://www.openwall.com/lists/oss-security/2012/03/19/5 MISC DEBIAN http://www.debian.org/security/2012/dsa-2462 CONFIRM http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/property.c http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.c BID 51957 |
|
| Return to the previous page. |
