Showing 1 - 7 of 7

CVE-2012-0247

Status Candidate

Overview

ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.

Related Files

Mandriva Linux Security Advisory 2012-078: Posted May 18, 2012; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2012-078 - Multiple vulnerabilities has been found and corrected in imagemagick. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, mandriva; advisories | CVE-2012-0247, CVE-2012-0248, CVE-2012-1185, CVE-2012-0259, CVE-2012-0260, CVE-2012-1798; SHA-256 | 16755f115af78f1d3c621b96b65aa171706dd1323233fef010e83b6fe9fe11bb; Download | Favorite | View

Mandriva Linux Security Advisory 2012-077: Posted May 17, 2012; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2012-077 - Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed.; tags | advisory, denial of service, arbitrary, local, trojan; systems | linux, mandriva; advisories | CVE-2010-4167, CVE-2012-0247, CVE-2012-0248, CVE-2012-1185, CVE-2012-0259, CVE-2012-0260, CVE-2012-1798; SHA-256 | d7de3f7e0b80f09045f1b2c5f542725b115d3f5c08f7a893d8351dc7200e188a; Download | Favorite | View

Red Hat Security Advisory 2012-0544-01: Posted May 7, 2012; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2012-0544-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop.; tags | advisory, denial of service, arbitrary; systems | linux, redhat; advisories | CVE-2010-4167, CVE-2012-0247, CVE-2012-0248, CVE-2012-0259, CVE-2012-0260, CVE-2012-1798; SHA-256 | 8de65be2fccd90aeb21230e00496bc38147f8f63da19d99fc78529caa13f8c0a; Download | Favorite | View

Red Hat Security Advisory 2012-0545-01: Posted May 7, 2012; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2012-0545-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop.; tags | advisory, denial of service, arbitrary; systems | linux, redhat; advisories | CVE-2012-0247, CVE-2012-0248, CVE-2012-0260; SHA-256 | 486fac7c70f5900ea4b2003350cc49df5a6f5ae8814ef2b537c4e6f0534d688d; Download | Favorite | View

Ubuntu Security Notice USN-1435-1: Posted May 1, 2012; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1435-1 - Joonas Kuorilehto and Aleksis Kauppinen discovered that ImageMagick incorrectly handled certain ResolutionUnit tags. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. Joonas Kuorilehto and Aleksis Kauppinen discovered that ImageMagick incorrectly handled certain IFD structures. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. Various other issues were also addressed.; tags | advisory, denial of service; systems | linux, ubuntu; advisories | CVE-2012-0259, CVE-2012-1610, CVE-2012-1798, CVE-2012-0247, CVE-2012-0248, CVE-2012-0259, CVE-2012-1185, CVE-2012-1186, CVE-2012-1610, CVE-2012-1798; SHA-256 | 73ba7d5a3bfc03583f1359586e171a6afd57f0bd2cabb0ad28c5b5b48ed912b5; Download | Favorite | View

Debian Security Advisory 2427-1: Posted Mar 7, 2012; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2427-1 - Two security vulnerabilities related to EXIF processing were discovered in ImageMagick, a suite of programs to manipulate images.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2012-0247, CVE-2012-0248; SHA-256 | c305684477a383d74fa7e715692634c1bb41c63a394c41c6f920e4364c62f41d; Download | Favorite | View

Gentoo Linux Security Advisory 201203-09: Posted Mar 6, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201203-9 - Vulnerabilities found in ImageMagick might allow remote attackers to execute arbitrary code. Versions less than 6.7.5.3 are affected.; tags | advisory, remote, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2012-0247, CVE-2012-0248; SHA-256 | 762c38364403aa1177fe908220a67725dc7492c7605c2e8562025421a3a2418c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,011)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,194)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,437)
UNIX (9,390)
UnixWare (187)
Windows (6,649)
Other

CVE-2012-0247

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems