Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-3437
HistoryAug 07, 2012 - 12:00 a.m.

CVE-2012-3437

2012-08-0700:00:00
ubuntu.com
ubuntu.com
11

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.036 Low

EPSS

Percentile

91.5%

JSON

The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and
earlier does not use the proper variable type for the allocation size,
which might allow remote attackers to cause a denial of service (crash) via
a crafted PNG file that triggers incorrect memory allocation.

Bugs

Notes

Author Note
tyhicks png_IM_malloc() in older releases
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchimagemagick< 7:6.5.7.8-1ubuntu1.3UNKNOWN
ubuntu11.04noarchimagemagick< 7:6.6.2.6-1ubuntu4.2UNKNOWN
ubuntu11.10noarchimagemagick< 8:6.6.0.4-3ubuntu1.2UNKNOWN
ubuntu12.04noarchimagemagick< 8:6.6.9.7-5ubuntu3.2UNKNOWN

Related

prion 1
nessus 7
openvas 9
cve 1
securityvulns 2
debiancve 1
fedora 2
ubuntu 1
osv 1
debian 1
prion
prion
Design/Logic Flaw
2012-08-07 21:55:00
nessus
nessus
Fedora 16 : ImageMagick-6.7.0.10-6.fc16 (2012-11746)
2012-08-28 00:00:00
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : imagemagick vulnerability (USN-1544-1)
2012-08-23 00:00:00
Mandriva Linux Security Advisory : imagemagick (MDVSA-2013:092)
2013-04-20 00:00:00
openvas
openvas
Mandriva Update for imagemagick MDVSA-2012:160 (imagemagick)
2012-10-09 00:00:00
Fedora Update for ImageMagick FEDORA-2012-11762
2012-08-30 00:00:00
Fedora Update for ImageMagick FEDORA-2012-11762
2012-08-30 00:00:00
cve
cve
CVE-2012-3437
2012-08-07 21:55:00
securityvulns
securityvulns
[USN-1544-1] ImageMagick vulnerability
2012-08-27 00:00:00
ImageMagic memory corruption
2012-08-27 00:00:00
debiancve
debiancve
CVE-2012-3437
2012-08-07 21:55:00
fedora
fedora
[SECURITY] Fedora 17 Update: ImageMagick-6.7.5.6-4.fc17
2012-08-27 22:54:06
[SECURITY] Fedora 16 Update: ImageMagick-6.7.0.10-6.fc16
2012-08-27 22:59:31
ubuntu
ubuntu
ImageMagick vulnerability
2012-08-22 00:00:00
osv
osv
imagemagick - security update
2015-06-11 00:00:00
debian
debian
[SECURITY] [DLA 242-1] imagemagick security update
2015-06-11 20:08:07

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.036 Low

EPSS

Percentile

91.5%

JSON
Related for UB:CVE-2012-3437
prion1nessus7openvas9cve1securityvulns2debiancve1fedora2ubuntu1osv1debian1