ID de Prueba:	1.3.6.1.4.1.25623.1.0.803817
Categoría:	Buffer overflow
Título:	ImageMagick < 6.7.6-4 Integer Overflow Vulnerability (Jun 2013) - Windows
Resumen:	ImageMagick is prone to an integer overflow vulnerability.
Descripción:	Summary: ImageMagick is prone to an integer overflow vulnerability. Vulnerability Insight: Integer overflow error occurs due to improper sanitation of user supplied input when by a crafted JPEG EXIF tag with an excessive components count to the 'GetEXIFProperty()' and 'SyncImageProfiles()' functions in magick/profile.c Vulnerability Impact: Successful exploitation will allow an attacker to cause denial of service condition result in loss of availability for the application. Affected Software/OS: ImageMagick version before 6.7.6-4 on Windows. Solution: Upgrade to ImageMagick version 6.7.6-4 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1610 BugTraq ID: 52898 http://www.securityfocus.com/bid/52898 Debian Security Information: DSA-2462 (Google Search) http://www.debian.org/security/2012/dsa-2462 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259 http://www.openwall.com/lists/oss-security/2012/04/04/6 http://www.osvdb.org/81024 http://secunia.com/advisories/48974 http://secunia.com/advisories/49043 http://secunia.com/advisories/49317 http://secunia.com/advisories/55035 SuSE Security Announcement: openSUSE-SU-2012:0692 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html http://ubuntu.com/usn/usn-1435-1 XForce ISS Database: imagemagick-getexifproperty-dos(74660) https://exchange.xforce.ibmcloud.com/vulnerabilities/74660
Copyright	Copyright (C) 2013 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.