Wind River Support Network

HomeDefectsLIN6-5458

Fixed

LIN6-5458 : Security Advisory - imagemagick - CVE-2012-3437

Created: Aug 14, 2012 Updated: Dec 3, 2018

Resolved Date: Jun 3, 2014

Previous ID: LIN3-24491

Found In Version: 6.0

Fix Version: 6.0.0.8

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3437

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38