Bug 807997 (CVE-2012-1798) - CVE-2012-1798 ImageMagick: Out-of-bounds buffer read by copying image bytes for TIFF images with crafted TIFF EXIF IFD value
Summary: CVE-2012-1798 ImageMagick: Out-of-bounds buffer read by copying image bytes f...
Status: NEW
Alias: CVE-2012-1798
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=low,public=20120328,reported=2...
Keywords: Security
Depends On: 796844 796845 808159
Blocks: 789444
TreeView+ depends on / blocked
 
Reported: 2012-03-29 10:11 UTC by Stefan Cornelius
Modified: 2019-06-08 19:05 UTC (History)
6 users (show)

(edit)
Clone Of:
(edit)
Last Closed:


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2012:0544 normal SHIPPED_LIVE Moderate: ImageMagick security update 2012-05-07 22:22:16 UTC

Description Stefan Cornelius 2012-03-29 10:11:31 UTC
An out-of-bounds buffer read flaw was found in the way ImageMagick, an image display and manipulation tool for the X Window System, retrieved source memory location by attempt to copy image bytes for certain TIFF image files. A remote attacker could provide a TIFF image with specially-crafted value of Exif IFD (set of tags for recording Exif-specific attribute information), which once opened in some ImageMagick tool would lead to the crash of that tool (denial of service).

[1] http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629

Comment 1 Jan Lieskovsky 2012-03-29 17:05:27 UTC
Acknowledgements:

Red Hat would like to thank CERT-FI for reporting this issue. CERT-FI acknowledges Aleksis Kauppinen, Joonas Kuorilehto, Tuomas Parttimaa and Lasse Ylivainio of Codenomicon's CROSS project as the original reporters.

Comment 2 Jan Lieskovsky 2012-03-29 17:31:27 UTC
This issue affects the versions of the ImageMagick package, as shipped with Fedora release of 15 and 16.

Comment 3 Jan Lieskovsky 2012-03-29 17:40:16 UTC
Public now via:
[2] http://www.cert.fi/en/reports/2012/vulnerability635606.html

Comment 4 Jan Lieskovsky 2012-03-29 17:44:01 UTC
Created ImageMagick tracking bugs for this issue

Affects: fedora-all [bug 808159]

Comment 5 Stefan Cornelius 2012-03-30 11:58:56 UTC
This issue affects the versions of the ImageMagick package, as shipped with Red Hat Enterprise Linux 6.

Comment 6 Pavel Alexeev 2012-04-11 13:29:15 UTC
Rawhide build which should fix it http://koji.fedoraproject.org/koji/taskinfo?taskID=3977291.

Comment 7 errata-xmlrpc 2012-05-07 18:51:35 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2012:0544 https://rhn.redhat.com/errata/RHSA-2012-0544.html


Note You need to log in before you can comment on or make changes to this bug.