Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and previous versions allow remote malicious users to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
imagemagick imagemagick |
||
debian debian linux 6.0 |
||
canonical ubuntu linux 11.04 |
||
canonical ubuntu linux 11.10 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 10.04 |
||
opensuse opensuse 11.4 |
||
opensuse opensuse 12.1 |