ImageMagick Integer Overflow Vulnerability - 03 June (Windows) Network Vulnerability

Summary

The host is installed with ImageMagick and is prone to integer overflow Vulnerability.

Impact

Successful exploitation will allow an attacker to cause denial of service condition result in loss of availability for the application. Impact Level: Application

Solution

Upgrade to ImageMagick version 6.7.5-9 or later. http://www.imagemagick.org/script/download.php

Insight

Integer overflow error is due to an improper verification of executable file by profile.c

Affected

ImageMagick version 6.7.5-8 and earlier on Windows.

References

http://www.openwall.com/lists/oss-security/2012/03/19/5
http://www.osvdb.com/80555
http://xforce.iss.net/xforce/xfdb/76139

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-1186
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Windows)
INN buffer overflow
FileZilla Server Buffer Overflow Vulnerability
Ziproxy Image Parsing Multiple Integer Overflow Vulnerabilities
Personal File Share HTTP Server Remote Buffer Overflow Vulnerability

Take action and discover your vulnerabilities