CVE-2012-1185

by Fred · 05/06/2012

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.

Date published : 2012-06-05

http://www.securityfocus.com/bid/51957

http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.c

CVE-2012-1185

Similar

Recent Posts

Categories

CVE-2012-1185

Share this:

Similar

Recent Posts

Categories

Tags