Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.71538
Category:FreeBSD Local Security Checks
Title:FreeBSD Ports: ImageMagick
Summary:The remote host is missing an update to the system; as announced in the referenced advisory.
Description:Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: ImageMagick

CVE-2012-0259
The GetEXIFProperty function in magick/property.c in ImageMagick
before 6.7.6-3 allows remote attackers to cause a denial of service
(crash) via a zero value in the component count of an EXIF XResolution
tag in a JPEG file, which triggers an out-of-bounds read.
CVE-2012-0260
The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before
6.7.6-3 allows remote attackers to cause a denial of service (memory
consumption) via a JPEG image with a crafted sequence of restart
markers.
CVE-2012-1798
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick
before 6.7.6-3 allows remote attackers to cause a denial of service
(out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-0259
BugTraq ID: 52898
http://www.securityfocus.com/bid/52898
Debian Security Information: DSA-2462 (Google Search)
http://www.debian.org/security/2012/dsa-2462
http://www.cert.fi/en/reports/2012/vulnerability635606.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259
http://www.osvdb.org/81021
RedHat Security Advisories: RHSA-2012:0544
http://rhn.redhat.com/errata/RHSA-2012-0544.html
http://www.securitytracker.com/id?1027032
http://secunia.com/advisories/48679
http://secunia.com/advisories/48974
http://secunia.com/advisories/49043
http://secunia.com/advisories/49063
http://secunia.com/advisories/49317
http://secunia.com/advisories/55035
SuSE Security Announcement: openSUSE-SU-2012:0692 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html
http://ubuntu.com/usn/usn-1435-1
XForce ISS Database: imagemagick-jpegexif-dos(74657)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74657
Common Vulnerability Exposure (CVE) ID: CVE-2012-0260
http://www.osvdb.org/81022
RedHat Security Advisories: RHSA-2012:0545
http://rhn.redhat.com/errata/RHSA-2012-0545.html
http://secunia.com/advisories/49068
http://secunia.com/advisories/57224
http://www.ubuntu.com/usn/USN-2132-1
XForce ISS Database: imagemagick-jpegwarninghandler-dos(74658)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74658
Common Vulnerability Exposure (CVE) ID: CVE-2012-1798
http://www.osvdb.org/81023
XForce ISS Database: imagemagick-tiffexififd-dos(74659)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74659
CopyrightCopyright (C) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.