CVE-2012-1185
Published 2012-06-05
Priority: P346 high, 7.8 (CVSS 3.1)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 30.90% (98.0th percentile)
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | imagemagick | < imagemagick 8:6.6.9.7-7 (bookworm) | imagemagick 8:6.6.9.7-7 (bookworm) |
| imagemagick | imagemagick | <= 6.7.5 | — |
| imagemagick | imagemagick | >= 0 < 8:6.6.9.7-7 | 8:6.6.9.7-7 |
| imagemagick | imagemagick | >= 0 < 8:6.6.9.7-7 | 8:6.6.9.7-7 |
| imagemagick | imagemagick | >= 0 < 8:6.6.9.7-7 | 8:6.6.9.7-7 |
| imagemagick | imagemagick | >= 0 < 8:6.6.9.7-7 | 8:6.6.9.7-7 |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
CVSS provenance
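| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | | 8.8 | HIGH | |
| vendor_debian | | 8.8 | HIGH | |
| vendor_redhat | | 8.8 | HIGH | |
| vendor_ubuntu | | 8.8 | HIGH | |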
GHSA
GHSA-6j5v-g8wm-9r98: Multiple integer overflows in (1) magick/profile
ghsa_unreviewed·2022-05-13·CVSS 8.8
CVE-2012-1185 [HIGH] CWE-190 GHSA-6j5v-g8wm-9r98: Multiple integer overflows in (1) magick/profile
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.
OSV
CVE-2012-1185: Multiple integer overflows in (1) magick/profile
osv·2012-06-05·CVSS 8.8
CVE-2012-1185 [HIGH] CVE-2012-1185: Multiple integer overflows in (1) magick/profile
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.
Ubuntu
ImageMagick vulnerabilities
vendor_ubuntu·2012-05-01·CVSS 8.8
CVE-2012-0247 [HIGH] ImageMagick vulnerabilities
Title: ImageMagick vulnerabilities
Summary: ImageMagick could be made to crash or run programs as your login if it
opened a specially crafted file.
Joonas Kuorilehto and Aleksis Kauppinen discovered that ImageMagick
incorrectly handled certain ResolutionUnit tags. If a user or automated
system using ImageMagick were tricked into opening a specially crafted
image, an attacker could exploit this to cause a denial of service or
possibly execute code with the privileges of the user invoking the program.
(CVE-2012-0247, CVE-2012-1185)
Joonas Kuorilehto and Aleksis Kauppinen discovered that ImageMagick
incorrectly handled certain IFD structures. If a user or automated
system using ImageMagick were tricked into opening a specially crafted
image, an attacker could exploit this to cause a denial
Red Hat
ImageMagick: Incorrect fix for CVE-2012-0247
vendor_redhat·2012-03-19·CVSS 8.8
CVE-2012-1185 [HIGH] ImageMagick: Incorrect fix for CVE-2012-0247
ImageMagick: Incorrect fix for CVE-2012-0247
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.
Statement: Not vulnerable. This issue did not affect the versions of ImageMagick as shipped with Red Hat Enterprise Linux 5 and 6 as they did not backport the insufficient patch for CVE-2012-0247.
Package: ImageMagick (Red Hat Enterprise Linux 5) - Not affected
Package: ImageMagick (Red Hat Enterprise Linux 6) - Not affected
Debian
CVE-2012-1185: imagemagick - Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in I...
vendor_debian·2012·CVSS 8.8
CVE-2012-1185 [HIGH] CVE-2012-1185: imagemagick - Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in I...
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.
Scope: local
bookworm: resolved (fixed in 8:6.6.9.7-7)
bullseye: resolved (fixed in 8:6.6.9.7-7)
forky: resolved (fixed in 8:6.6.9.7-7)
sid: resolved (fixed in 8:6.6.9.7-7)
trixie: resolved (fixed in 8:6.6.9.7-7)
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html
http://secunia.com/advisories/47926
http://secunia.com/advisories/48974
http://secunia.com/advisories/49043
http://secunia.com/advisories/49317
http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.c
http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/property.c
http://ubuntu.com/usn/usn-1435-1
http://www.debian.org/security/2012/dsa-2462
http://www.openwall.com/lists/oss-security/2012/03/19/5
http://www.osvdb.org/80556
http://www.securityfocus.com/bid/51957
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1185
https://exchange.xforce.ibmcloud.com/vulnerabilities/76140