The GetEXIFProperty function in magick/property.c in ImageMagick prior to 6.7.6-3 allows remote malicious users to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
imagemagick imagemagick |
||
debian debian linux 6.0 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 11.04 |
||
canonical ubuntu linux 11.10 |
||
canonical ubuntu linux 12.04 |
||
opensuse opensuse 11.4 |
||
opensuse opensuse 12.1 |