807997 – (CVE-2012-1798) CVE-2012-1798 ImageMagick: Out-of-bounds buffer read by copying image bytes for TIFF images with crafted TIFF EXIF IFD value

Bug 807997 (CVE-2012-1798) - CVE-2012-1798 ImageMagick: Out-of-bounds buffer read by copying image bytes for TIFF images with crafted TIFF EXIF IFD value

Summary: CVE-2012-1798 ImageMagick: Out-of-bounds buffer read by copying image bytes f...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2012-1798
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	796844 796845 808159
Blocks:	789444
TreeView+	depends on / blocked

Reported:	2012-03-29 10:11 UTC by Stefan Cornelius
Modified:	2023-05-12 12:07 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-10-19 21:52:41 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2012:0544	0	normal	SHIPPED_LIVE	Moderate: ImageMagick security update	2012-05-07 22:22:16 UTC

Description Stefan Cornelius 2012-03-29 10:11:31 UTC

An out-of-bounds buffer read flaw was found in the way ImageMagick, an image display and manipulation tool for the X Window System, retrieved source memory location by attempt to copy image bytes for certain TIFF image files. A remote attacker could provide a TIFF image with specially-crafted value of Exif IFD (set of tags for recording Exif-specific attribute information), which once opened in some ImageMagick tool would lead to the crash of that tool (denial of service).

[1] http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629

Comment 1 Jan Lieskovsky 2012-03-29 17:05:27 UTC

Acknowledgements:

Red Hat would like to thank CERT-FI for reporting this issue. CERT-FI acknowledges Aleksis Kauppinen, Joonas Kuorilehto, Tuomas Parttimaa and Lasse Ylivainio of Codenomicon's CROSS project as the original reporters.

Comment 2 Jan Lieskovsky 2012-03-29 17:31:27 UTC

This issue affects the versions of the ImageMagick package, as shipped with Fedora release of 15 and 16.

Comment 3 Jan Lieskovsky 2012-03-29 17:40:16 UTC

Public now via:
[2] http://www.cert.fi/en/reports/2012/vulnerability635606.html

Comment 4 Jan Lieskovsky 2012-03-29 17:44:01 UTC

Created ImageMagick tracking bugs for this issue

Affects: fedora-all [bug 808159]

Comment 5 Stefan Cornelius 2012-03-30 11:58:56 UTC

This issue affects the versions of the ImageMagick package, as shipped with Red Hat Enterprise Linux 6.

Comment 6 Pavel Alexeev 2012-04-11 13:29:15 UTC

Rawhide build which should fix it http://koji.fedoraproject.org/koji/taskinfo?taskID=3977291.

Comment 7 errata-xmlrpc 2012-05-07 18:51:35 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2012:0544 https://rhn.redhat.com/errata/RHSA-2012-0544.html

Note You need to log in before you can comment on or make changes to this bug.