Published: 23 April 2012
Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248.
CVSS 3 base score: 5.5
incomplete fix for CVE-2012-0248 see fixes in CVE-2012-0247