QwikSec

Security Database

CVE

CWE

Training

CVE-2012-3438

Published: Aug 7, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_MANDRIVA

http://graphicsmagick.hg.sourceforge.net/hgweb/graphicsmagick/graphicsmagick/rev/d6e469d02cd2

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

graphicsmagick-png-dos(77259)

vdb-entry

x_refsource_XF

openSUSE-SU-2013:0536

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_BID

https://bugzilla.redhat.com/show_bug.cgi?id=844105

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.