Secunia
Login
|
|
CVE Reference: CVE-2012-1186 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2012-1186 |
|
|
Description: Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/76139 UBUNTU http://ubuntu.com/usn/usn-1435-1 SUSE http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html SAID Secunia Advisory: SA47926 Secunia Advisory: SA48974 Secunia Advisory: SA49043 Secunia Advisory: SA49317 OSVDB 80555 MLIST http://www.openwall.com/lists/oss-security/2012/03/19/5 MISC DEBIAN http://www.debian.org/security/2012/dsa-2462 CONFIRM http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.c BID 51957 |
|
| Return to the previous page. |
