MDVSA-2012:078 -- Mandriva imagemagickID: oval:org.secpod.oval:def:302856 | Date: (C)2012-12-20 (M)2023-11-10 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been found and corrected in imagemagick: A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code . A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop . The original fix for CVE-2012-0247 failed to check for the possibility of an integer overflow when computing the sum of number_bytes and offset. This resulted in a wrap around into a value smaller than length, making original CVE-2012-0247 introduced length check still to be possible to bypass, leading to memory corruption . An integer overflow flaw was found in the way ImageMagick processed certain Exif tags with a large components count. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to access invalid memory and crash . A denial of service flaw was found in the way ImageMagick decoded certain JPEG images. A remote attacker could provide a JPEG image with specially-crafted sequences of RST0 up to RST7 restart markers , which once processed by ImageMagick, would cause it to consume excessive amounts of memory and CPU time . An out-of-bounds buffer read flaw was found in the way ImageMagick processed certain TIFF image files. A remote attacker could provide a TIFF image with a specially-crafted Exif IFD value , which once opened by ImageMagick, would cause it to crash . The updated packages have been patched to correct these issues.
Platform: |
Mandriva Linux 2011.0 |