CVE-2012-3437
Summary
The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.
- MEDIUM
- NETWORK
- NONE
- NONE
- NONE
- PARTIAL
References
Advisory Timeline
- Published