Lucene search

K

RedhatCVELIST:CVE-2012-3437

HistoryAug 07, 2012 - 9:00 p.m.

CVE-2012-3437

2012-08-0721:00:00

redhat

www.cve.org

6.1 Medium

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.6%

The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.

References

lists.opensuse.org/opensuse-updates/2013-03/msg00101.html

secunia.com/advisories/50091

secunia.com/advisories/50398

www.mandriva.com/security/advisories?name=MDVSA-2012:160

www.mandriva.com/security/advisories?name=MDVSA-2013:092

www.securityfocus.com/bid/54714

www.securitytracker.com/id?1027321

www.ubuntu.com/usn/USN-1544-1

bugzilla.redhat.com/show_bug.cgi?id=844101

exchange.xforce.ibmcloud.com/vulnerabilities/77260

wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243

6.1 Medium

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.6%

Related for CVELIST:CVE-2012-3437

openvas9 nessus9 prion1 cve1 nvd1 ubuntucve1 fedora2 securityvulns2 ubuntu1 debiancve1 osv1 debian1