CVE-2012-1798

MEDIUM

Imagemagick < 6.7.6-3 - Out-of-Bounds Read

Title source: rule

Description

The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.

References (13)

Scores

CVSS v3 6.5
EPSS 0.0141
EPSS Percentile 80.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Classification

CWE
CWE-125
Status draft

Affected Products (11)

imagemagick/imagemagick < 6.7.6-3
debian/debian_linux
redhat/storage
redhat/enterprise_linux_desktop
redhat/enterprise_linux_eus
redhat/enterprise_linux_server
redhat/enterprise_linux_server_aus
redhat/enterprise_linux_server_eus
redhat/enterprise_linux_workstation
opensuse/opensuse
opensuse/opensuse

Timeline

Published Jun 05, 2012
Tracked Since Feb 18, 2026