GraphicsMagick ‘png_IM_malloc()’ Function Denial of Service Vulnerability
The information has been provided by Tom Lane.
* Red Hat Fedora 17
* Red Hat Fedora 16
* Mandriva Linux Mandrake 2011 x86_64
* Mandriva Linux Mandrake 2011
* MandrakeSoft Enterprise Server 5 x86_64
* MandrakeSoft Enterprise Server 5
Successful exploits will cause excessive memory consumption resulting in a denial-of-service condition.
GraphicsMagick is vulnerable to a denial of service, caused by a casting error when parsing PNG images. By persuading a victim to open a specially-crafted PNG image, a remote attacker could exploit this vulnerability to cause the application to crash.
The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.
Published : Jul 28 2012
Updated : Oct 12 2012