CVE-2012-3437
EPSS 3.3%imagemagick - security update
發布日:2012/8/7修改日:2026/4/28
也稱為:DEBIAN-CVE-2012-3437
描述
The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.
受影響套件(2)
- Debian/imagemagickfrom 0, < 8:6.7.7.10-3
- Debian/imagemagickfrom 0, < 8:6.6.0.4-3+squeeze6