CVE-2012-1185 (retired)

Priority
Description
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c
in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial
of service (memory corruption) and possibly execute arbitrary code via
crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an
image. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2012-0247.
Notes
 mdeslaur> Incomplete fix for CVE-2012-0247
 mdeslaur> see fixes in CVE-2012-0247
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):released (8:6.6.9.7-5ubuntu3.1)
More Information

Updated: 2019-03-26 12:01:14 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)