Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-1185

Опубликовано: 05 июн. 2012
Источник: nvd
CVSS3: 7.8
CVSS2: 6.8
EPSS Низкий

Описание

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
Версия до 6.7.5 (включая)
Конфигурация 2
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*

EPSS

Процентиль: 79%
0.01292
Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

ubuntu логотип

CVE-2012-1185

CVSS3: 7.8
ubuntu
больше 13 лет назад

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.

redhat логотип

CVE-2012-1185

redhat
почти 14 лет назад

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.

debian логотип

CVE-2012-1185

CVSS3: 7.8
debian
больше 13 лет назад

Multiple integer overflows in (1) magick/profile.c or (2) magick/prope ...

github логотип

GHSA-6j5v-g8wm-9r98

CVSS3: 7.8
github
больше 3 лет назад

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.

EPSS

Процентиль: 79%
0.01292
Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-190