CVE-2012-0260
Published: 05 June 2012
The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.
Priority
CVSS 3 base score: 6.5
Status
Package | Release | Status |
---|---|---|
imagemagick Launchpad, Ubuntu, Debian |
Upstream |
Released
(8:6.7.4.0-5)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Not vulnerable
(8:6.7.7.10-2ubuntu4)
|
|
Patches: Vendor: http://www.debian.org/security/2012/dsa-2462 Upstream: http://trac.imagemagick.org/changeset/7249 |
Notes
Author | Note |
---|---|
mdeslaur | see fixes in CVE-2012-0259 |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0260
- http://www.cert.fi/en/reports/2012/vulnerability635606.html
- https://usn.ubuntu.com/usn/usn-2132-1
- NVD
- Launchpad
- Debian