CVE-2012-1798

Published: 29 March 2012

The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
imagemagick
Launchpad, Ubuntu, Debian
Upstream Needs triage

Notes

AuthorNote
mdeslaur
may have been incorrectly referred to as CVE-2012-1768 in some
commits and changelogs.
see fixes in CVE-2012-0259

References