An attacker could create a specially crafted image file that, when opened by a victim, could cause ImageMagick to access invalid memory and crash (CVE-2012-0259). An integer overflow flaw was found in the way ImageMagick processed certain Exif tags with a large components count. This resulted in a wrap around into a value smaller than length, making original CVE-2012-0247 introduced length check still to be possible to bypass, leading to memory corruption (CVE-2012-1185). The original fix for CVE-2012-0247 failed to check for the possibility of an integer overflow when computing the sum of number_bytes and offset.
An attacker could create a specially crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop (CVE-2012-0248). A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code (CVE-2012-0247). A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format (Exif) metadata.
Description Multiple vulnerabilities has been found and corrected in imagemagick : Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory (CVE-2010-4167).
Synopsis The remote Mandriva Linux host is missing one or more security updates.
0 kommentar(er)
