CVE-2012-1798

The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.

🔗 References (26)

• cret@certhttp://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html
• cret@certhttp://rhn.redhat.com/errata/RHSA-2012-0544.html
• cret@certhttp://secunia.com/advisories/48974
• cret@certhttp://secunia.com/advisories/49063
• cret@certhttp://secunia.com/advisories/49068
• cret@certhttp://secunia.com/advisories/49317
• cret@certhttp://secunia.com/advisories/55035
• cret@certhttp://www.debian.org/security/2012/dsa-2462
• cret@certhttp://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629
• cret@certhttp://www.osvdb.org/81023
• cret@certhttp://www.securityfocus.com/bid/52898
• cret@certhttp://www.securitytracker.com/id?1027032
• cret@certhttps://exchange.xforce.ibmcloud.com/vulnerabilities/74659
• af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html
• af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2012-0544.html