GraphicsMagick ‘png_IM_malloc()’ Function Denial of Service Vulnerability

Summary

GraphicsMagick is prone to a denial-of-service vulnerability.

Credit:

The information has been provided by Tom Lane.


Details

Vulnerable Systems:
 * Red Hat Fedora 17
 * Red Hat Fedora 16
 * Mandriva Linux Mandrake 2011 x86_64
 * Mandriva Linux Mandrake 2011
 * MandrakeSoft Enterprise Server 5 x86_64
 * MandrakeSoft Enterprise Server 5

Successful exploits will cause excessive memory consumption resulting in a denial-of-service condition.

GraphicsMagick is vulnerable to a denial of service, caused by a casting error when parsing PNG images. By persuading a victim to open a specially-crafted PNG image, a remote attacker could exploit this vulnerability to cause the application to crash.

The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.

CVE Information:
CVE-2012-3438

Disclosure Timeline:
Published : Jul 28 2012
Updated : Oct 12 2012

Categories: News