Medium severity6.5NVD Advisory· Published Jun 5, 2012· Updated Apr 29, 2026
CVE-2012-0259
CVE-2012-0259
Description
The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.
Affected products
8cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
17- www.imagemagick.org/discourse-server/viewtopic.phpnvdIssue TrackingPatchVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- lists.opensuse.org/opensuse-updates/2012-06/msg00001.htmlnvdMailing ListThird Party Advisory
- rhn.redhat.com/errata/RHSA-2012-0544.htmlnvdThird Party Advisory
- ubuntu.com/usn/usn-1435-1nvdThird Party Advisory
- www.debian.org/security/2012/dsa-2462nvdThird Party Advisory
- www.securityfocus.com/bid/52898nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/74657nvdThird Party AdvisoryVDB Entry
- secunia.com/advisories/48679nvdBroken Link
- secunia.com/advisories/48974nvdBroken Link
- secunia.com/advisories/49043nvdBroken Link
- secunia.com/advisories/49063nvdBroken Link
- secunia.com/advisories/49317nvdBroken Link
- secunia.com/advisories/55035nvdBroken Link
- www.cert.fi/en/reports/2012/vulnerability635606.htmlnvdBroken Link
- www.osvdb.org/81021nvdBroken Link
News mentions
0No linked articles in our index yet.