Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2012-0247

ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.

Related bugs and status

CVE-2012-0247 (Candidate) is related to these bugs:

Bug #999496: Used ImageMagick DLL is insecure

Summary				In	Importance	Status
	999496	Used ImageMagick DLL is insecure		calibre	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.cert.fi/en/...
DEBIAN: DSA-2427
GENTOO: GLSA-201203-09
REDHAT: RHSA-2012:0544
REDHAT: RHSA-2012:0545
UBUNTU: USN-1435-1
OSVDB: 79003
SECUNIA: 47926
SECUNIA: 48247
SECUNIA: 48259
SECUNIA: 49043
SECUNIA: 49063
SECUNIA: 49068
SECTRACK: 1027032
CONFIRM: http://www.imagemagick...