CVE-2012-3437

Priority
Medium
Description
The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and
earlier does not use the proper variable type for the allocation size,
which might allow remote attackers to cause a denial of service (crash) via
a crafted PNG file that triggers incorrect memory allocation.
References
Bugs
Notes
tyhicks> png_IM_malloc() in older releases
Assigned-to
jdstrand
Package
Upstream:released (8:6.7.7.10-3)
Ubuntu 10.04 LTS (Lucid Lynx):released (7:6.5.7.8-1ubuntu1.3)
Ubuntu 12.04 LTS (Precise Pangolin):released (8:6.6.9.7-5ubuntu3.2)
Ubuntu 12.10 (Quantal Quetzal):released (8:6.7.7.10-2ubuntu4)
Patches:
Upstream:http://trac.imagemagick.org/changeset/8733/ImageMagick/trunk/coders/png.c
More Information

Valid XHTML 1.0 Strict

Updated: 2014-01-22 21:14:45 UTC (commit 7675)