Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-1185

Опубликовано: 19 мар. 2012
Источник: redhat
CVSS2: 6.8
EPSS Низкий

Описание

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.

Отчет

Not vulnerable. This issue did not affect the versions of ImageMagick as shipped with Red Hat Enterprise Linux 5 and 6 as they did not backport the insufficient patch for CVE-2012-0247.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5ImageMagickNot affected
Red Hat Enterprise Linux 6ImageMagickNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=804588ImageMagick: Incorrect fix for CVE-2012-0247

EPSS

Процентиль: 79%
0.01292
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2012-1185

CVSS3: 7.8
ubuntu
больше 13 лет назад

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.

nvd логотип

CVE-2012-1185

CVSS3: 7.8
nvd
больше 13 лет назад

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.

debian логотип

CVE-2012-1185

CVSS3: 7.8
debian
больше 13 лет назад

Multiple integer overflows in (1) magick/profile.c or (2) magick/prope ...

github логотип

GHSA-6j5v-g8wm-9r98

CVSS3: 7.8
github
больше 3 лет назад

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.

EPSS

Процентиль: 79%
0.01292
Низкий

6.8 Medium

CVSS2