CVE-2012-0248

Published: 13 February 2012

ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
imagemagick
Launchpad, Ubuntu, Debian
Upstream
Released (6.7.5.6)

Notes

AuthorNote
jdstrand
r6998 is the fix for CVE-2012-1186 which was assigned as an
incomplete fix for this issue (see oss-sec for more information).
mdeslaur
see fixes in CVE-2012-0247

References