Published: 05/06/2012 Updated: 14/08/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick prior to 6.7.6-4 allows remote malicious users to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0259.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick
debian debian linux 6.0
canonical ubuntu linux 10.04
canonical ubuntu linux 11.04
canonical ubuntu linux 11.10
canonical ubuntu linux 12.04
opensuse opensuse 11.4
opensuse opensuse 12.1

ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file ...

Debian Bug report logs - #667635 CVE-2012-0259 / CVE-2012-0260 / CVE-2012-1798 / CVE-2012-1610 Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <muehl ...

Debian Bug report logs - #665007 CVE-2012-1185 / CVE-2012-1186: incomplete ImageMagick fixes for CVE-2012-0247 / CVE-2012-0248 Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported ...

CWE-190 http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629 http://secunia.com/advisories/48974 http://www.debian.org/security/2012/dsa-2462 http://www.openwall.com/lists/oss-security/2012/04/04/6 http://www.osvdb.org/81024 http://secunia.com/advisories/49317 http://secunia.com/advisories/49043 http://www.securityfocus.com/bid/52898 http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html http://ubuntu.com/usn/usn-1435-1 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259 http://secunia.com/advisories/55035 https://exchange.xforce.ibmcloud.com/vulnerabilities/74660 https://usn.ubuntu.com/1435-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-1610

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect