Summary
The host is installed with ImageMagick and is prone to integer overflow Vulnerability.
Impact
Successful exploitation will allow an attacker to cause denial of service condition result in loss of availability for the application.
Impact Level: Application
Solution
Upgrade to ImageMagick version 6.7.6-4 or later.
http://www.imagemagick.org/script/download.php
Insight
Integer overflow error occurs due to improper sanitation of user supplied input when by a crafted JPEG EXIF tag with an excessive components count to the 'GetEXIFProperty()' and 'SyncImageProfiles()' functions in magick/profile.c
Affected
ImageMagick version before 6.7.6-4 on Windows.
References
Severity
Classification
-
CVE CVE-2012-1610 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities