Test Kennung:	1.3.6.1.4.1.25623.1.0.803817
Kategorie:	Buffer overflow
Titel:	ImageMagick < 6.7.6-4 Integer Overflow Vulnerability (Jun 2013) - Windows
Zusammenfassung:	ImageMagick is prone to an integer overflow vulnerability.
Beschreibung:	Summary: ImageMagick is prone to an integer overflow vulnerability. Vulnerability Insight: Integer overflow error occurs due to improper sanitation of user supplied input when by a crafted JPEG EXIF tag with an excessive components count to the 'GetEXIFProperty()' and 'SyncImageProfiles()' functions in magick/profile.c Vulnerability Impact: Successful exploitation will allow an attacker to cause denial of service condition result in loss of availability for the application. Affected Software/OS: ImageMagick version before 6.7.6-4 on Windows. Solution: Upgrade to ImageMagick version 6.7.6-4 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1610 BugTraq ID: 52898 http://www.securityfocus.com/bid/52898 Debian Security Information: DSA-2462 (Google Search) http://www.debian.org/security/2012/dsa-2462 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259 http://www.openwall.com/lists/oss-security/2012/04/04/6 http://www.osvdb.org/81024 http://secunia.com/advisories/48974 http://secunia.com/advisories/49043 http://secunia.com/advisories/49317 http://secunia.com/advisories/55035 SuSE Security Announcement: openSUSE-SU-2012:0692 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html http://ubuntu.com/usn/usn-1435-1 XForce ISS Database: imagemagick-getexifproperty-dos(74660) https://exchange.xforce.ibmcloud.com/vulnerabilities/74660
Copyright	Copyright (C) 2013 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.