Lucene search
FreeBSD98690C45-0361-11E2-A391-000C29033C32HistoryJul 28, 2012 - 12:00 a.m.
ImageMagick and GraphicsMagick -- DoS via specially crafted PNG file
2012-07-2800:00:00
vuxml.freebsd.org
17
0.832 High
EPSS
Percentile
98.4%
Kurt Seifried reports:
There is an issue in ImageMagick that is also present in
GraphicsMagick. CVE-2011-3026 deals with libpng memory
allocation, and limitations have been added so that a bad PNG
can’t cause the system to allocate a lot of memory and a
denial of service. However on further investigation of
ImageMagick, Tom Lane found that PNG malloc function
(Magick_png_malloc) in turn calls AcquireMagickMemory with an
improper size argument.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | imagemagick | <= 6.7.8.6 | UNKNOWN |
| FreeBSD | any | noarch | imagemagick-nox11 | <= 6.7.8.6 | UNKNOWN |
| FreeBSD | any | noarch | graphicsmagick | = 1.3.0 | UNKNOWN |
| FreeBSD | any | noarch | graphicsmagick | <= 1.3.16 | UNKNOWN |
| FreeBSD | any | noarch | graphicsmagick-nox11 | = 1.3.0 | UNKNOWN |
| FreeBSD | any | noarch | graphicsmagick-nox11 | <= 1.3.16 | UNKNOWN |
Related
nessus
nessus
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:0757-1)
2021-06-09 00:00:00
Mandriva Update for graphicsmagick MDVSA-2012:165 (graphicsmagick)
2012-10-16 00:00:00
Mandriva Update for graphicsmagick MDVSA-2012:165 (graphicsmagick)
2012-10-16 00:00:00
prion
prion
Design/Logic Flaw
2012-08-07 21:55:00
Integer overflow
2012-02-16 20:55:00
fedora
fedora
[SECURITY] Fedora 16 Update: GraphicsMagick-1.3.16-5.fc16
2012-09-07 11:31:15
[SECURITY] Fedora 18 Update: GraphicsMagick-1.3.16-5.fc18
2012-09-17 23:48:44
[SECURITY] Fedora 17 Update: GraphicsMagick-1.3.16-5.fc17
2012-09-07 11:34:45
securityvulns
securityvulns
graphicsmagick memory corruption
2012-10-17 00:00:00
Mozilla Foundation Security Advisory 2012-11
2012-02-22 00:00:00
cve
cve
CVE-2012-3438
2012-08-07 21:55:00
CVE-2011-3026
2012-02-16 20:55:00
ubuntucve
ubuntucve
CVE-2012-3438
2012-08-07 00:00:00
CVE-2011-3026
2012-02-16 00:00:00
debiancve
debiancve
CVE-2012-3438
2012-08-07 21:55:00
oraclelinux
oraclelinux
xulrunner security update
2012-02-16 00:00:00
firefox security update
2012-02-16 00:00:00
seamonkey security update
2012-02-16 00:00:00
redhat
redhat
(RHSA-2012:0143) Critical: xulrunner security update
2012-02-16 00:00:00
(RHSA-2012:0317) Important: libpng security update
2012-02-20 00:00:00
(RHSA-2012:0141) Critical: seamonkey security update
2012-02-16 00:00:00
suse
suse
Security update for libpng (important)
2012-02-28 22:37:10
mozilla-xulrunner192: 1.9.2.27 (important)
2012-02-24 16:08:11
Security update for Mozilla Firefox (important)
2012-02-27 01:08:38
centos
centos
libpng, libpng10 security update
2012-02-20 21:59:45
firefox security update
2012-02-17 01:39:20
thunderbird security update
2012-02-17 02:53:21
amazon
amazon
Important: libpng
2012-03-04 16:09:00
checkpoint_advisories
checkpoint_advisories
libpng png_decompress_chunk Integer Overflow (CVE-2011-3026)
2012-05-14 00:00:00
libpng png_decompress_chunk Integer Overflow - ver 2 (CVE-2011-3026)
2012-05-10 00:00:00
threatpost
threatpost
Mozilla to Fix Libpng Bug in Firefox and Thunderbird
2012-02-17 18:43:07
ubuntu
ubuntu
Firefox vulnerability
2012-02-17 00:00:00
Xulrunner vulnerability
2012-02-17 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package libpng version 1.2.47-alt1
2012-02-20 00:00:00
debian
debian
[SECURITY] [DSA 2410-1] libpng security update
2012-02-15 21:03:08
cert
cert
libpng chunk decompression integer overflow vulnerability
2012-02-23 00:00:00
veracode
veracode
Denial Of Service (DoS)
2018-11-27 06:57:22