Vulnerability CVE-2012-1798

Vulnerability Name:

CVE-2012-1798 (CCN-74659)

Assigned:

2012-03-28

Published:

2012-03-28

Updated:

2020-07-31

Summary:

The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.

CVSS v3 Severity:

6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-125

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2012-1798

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2012:0692

Source: CCN
Type: RHSA-2012-0544
Moderate: ImageMagick security update

Source: REDHAT
Type: Third Party Advisory
RHSA-2012:0544

Source: CCN
Type: SA48679
ImageMagick Multiple Denial of Service Vulnerabilities

Source: SECUNIA
Type: Not Applicable
48974

Source: SECUNIA
Type: Not Applicable
49063

Source: SECUNIA
Type: Not Applicable
49068

Source: SECUNIA
Type: Not Applicable
49317

Source: CCN
Type: SA55035
Oracle Solaris ImageMagick Multiple Denial of Service Vulnerabilities

Source: SECUNIA
Type: Not Applicable
55035

Source: CCN
Type: CERT-FI
CERT-FI Advisory on issues in ImageMagick

Source: DEBIAN
Type: Third Party Advisory
DSA-2462

Source: DEBIAN
Type: DSA-2462
imagemagick -- several vulnerabilities

Source: CCN
Type: ImageMagick Web Site
ImageMagick Vulnerabilities

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629

Source: OSVDB
Type: Broken Link
81023

Source: CCN
Type: OSVDB ID: 81023
ImageMagick coders/tiff.c TIFFGetEXIFProperties() Function TIFF EXIF IFD Handling Invalid Memory Remote DoS

Source: BID
Type: Third Party Advisory, VDB Entry
52898

Source: CCN
Type: BID-52898
ImageMagick Multiple Denial of Service Vulnerabilities

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1027032

Source: XF
Type: Third Party Advisory, VDB Entry
imagemagick-tiffexififd-dos(74659)

Source: XF
Type: UNKNOWN
imagemagick-tiffexififd-dos(74659)

Vulnerable Configuration:

Configuration 1:

cpe:/a:imagemagick:imagemagick:*:*:*:*:*:*:*:* (Version < 6.7.6-3)

Configuration 2:

cpe:/o:debian:debian_linux:6.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:redhat:storage:2.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_eus:6.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_eus:6.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:opensuse:opensuse:11.4:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:12.1:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:imagemagick:imagemagick:6.2.5:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.3.1:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.2.9:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.6.0:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.5.0:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.4.0:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.3.8:*:*:*:*:*:*:*

OR cpe:/a:imagemagick:imagemagick:6.7.6-2:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20121798	V	CVE-2012-1798	2022-05-20
oval:org.opensuse.security:def:26220	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:42345	P	Security update for libmspack (Low)	2022-01-13
oval:org.opensuse.security:def:31715	P	Security update for the Linux Kernel (Important)	2021-12-06
oval:org.opensuse.security:def:32225	P	Security update for postgresql10 (Important)	2021-11-22
oval:org.opensuse.security:def:29448	P	Security update for postgresql10 (Important)	2021-11-22
oval:org.opensuse.security:def:26167	P	Security update for php72 (Moderate)	2021-11-19
oval:org.opensuse.security:def:26147	P	Security update for MozillaFirefox (Important)	2021-10-15
oval:org.opensuse.security:def:32181	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:26118	P	Security update for php72 (Important)	2021-09-02
oval:org.opensuse.security:def:26112	P	Security update for sssd (Important)	2021-08-30
oval:org.opensuse.security:def:32159	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:31650	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:32122	P	Security update for apache2 (Important)	2021-06-17
oval:org.opensuse.security:def:31639	P	Security update for freeradius-server (Moderate)	2021-06-11
oval:org.opensuse.security:def:31638	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:36172	P	libMagickCore1-32bit-6.4.3.6-7.30.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36359	P	ImageMagick-6.4.3.6-7.30.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42579	P	libMagickCore1-32bit-6.4.3.6-7.30.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26065	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:26063	P	Security update for dhcp (Important)	2021-06-01
oval:org.opensuse.security:def:31623	P	Security update for libxml2 (Important)	2021-05-19
oval:org.opensuse.security:def:32092	P	Security update for the Linux Kernel (Important)	2021-05-18
oval:org.opensuse.security:def:32071	P	Security update for qemu (Important)	2021-04-16
oval:org.opensuse.security:def:29484	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:26206	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:26193	P	Security update for bind (Important)	2021-02-18
oval:org.opensuse.security:def:32256	P	Security update for wpa_supplicant (Important)	2021-02-15
oval:org.opensuse.security:def:31724	P	Security update for python (Important)	2021-02-11
oval:org.opensuse.security:def:32248	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:32120	P	Security update for ImageMagick (Important)	2021-01-22
oval:org.opensuse.security:def:32902	P	Security update for openldap2 (Moderate)	2021-01-14
oval:org.opensuse.security:def:33096	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:25984	P	Security update for cyrus-sasl (Important)	2020-12-28
oval:org.opensuse.security:def:32015	P	Security update for openssl (Important)	2020-12-11
oval:org.opensuse.security:def:32005	P	Security update for xen (Important)	2020-12-07
oval:org.opensuse.security:def:35938	P	libMagickCore1-32bit-6.4.3.6-7.26.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:32037	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:28373	P	Recommended update for python-setuptools (Moderate)	2020-12-01
oval:org.opensuse.security:def:32036	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:28316	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:32863	P	freetype2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28232	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:28102	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:28038	P	Security update for cracklib (Moderate)	2020-12-01
oval:org.opensuse.security:def:25914	P	Security update for firebird (Moderate)	2020-12-01
oval:org.opensuse.security:def:28027	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:25830	P	Security update for libimobiledevice, usbmuxd (Important)	2020-12-01
oval:org.opensuse.security:def:27170	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28026	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:25773	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:27135	P	gmime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25692	P	Security update for e2fsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:26497	P	Security update for tor (Important)	2020-12-01
oval:org.opensuse.security:def:25564	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:31859	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26453	P	Security update for kauth (Moderate)	2020-12-01
oval:org.opensuse.security:def:25500	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:31772	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26439	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:33135	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25489	P	Security update for pam_radius (Important)	2020-12-01
oval:org.opensuse.security:def:26400	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:25488	P	Security update for file-roller (Low)	2020-12-01
oval:org.opensuse.security:def:26351	P	Security update for mongodb (Moderate)	2020-12-01
oval:org.opensuse.security:def:32458	P	Security update for xorg-x11-libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31491	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:26298	P	Security update for mariadb-100 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32414	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:31417	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32392	P	Security update for tomcat6 (Important)	2020-12-01
oval:org.opensuse.security:def:31406	P	Security update for perl-PlRPC (Moderate)	2020-12-01
oval:org.opensuse.security:def:32353	P	Security update for squid3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27357	P	ImageMagick on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31405	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:26006	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:32304	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:27322	P	x3270 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25925	P	Security update for pcre (Moderate)	2020-12-01
oval:org.opensuse.security:def:26684	P	dbus-1-glib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25797	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26640	P	sudo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25733	P	Security update for mgetty (Moderate)	2020-12-01
oval:org.opensuse.security:def:26626	P	pam_mount on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33536	P	Security update for ImageMagick	2020-12-01
oval:org.opensuse.security:def:25722	P	Security update for ovmf (Low)	2020-12-01
oval:org.opensuse.security:def:31948	P	Security update for gpg2 (Important)	2020-12-01
oval:org.opensuse.security:def:26587	P	libgtop on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33497	P	Security update for lvm2, lvm2-clvm, lvm2-clvm-debuginfo, lvm2-clvm-debugsource, lvm2-debuginfo, lvm2-debugsource	2020-12-01
oval:org.opensuse.security:def:25721	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31856	P	Security update for cups (Moderate)	2020-12-01
oval:org.opensuse.security:def:26538	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32859	P	file-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26485	P	Security update for singularity (Moderate)	2020-12-01
oval:org.opensuse.security:def:32815	P	LibVNCServer on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26334	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:32793	P	system-config-printer on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26250	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32754	P	ntp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32705	P	libarchive2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32649	P	dbus-1-glib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28810	P	Security update for postgresql91	2020-12-01
oval:org.opensuse.security:def:32493	P	bzip2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28766	P	Security update for libsndfile	2020-12-01
oval:org.opensuse.security:def:25920	P	Security update for gstreamer-plugins-base (Moderate)	2020-12-01
oval:org.opensuse.security:def:32406	P	Security update for wavpack (Moderate)	2020-12-01
oval:org.opensuse.security:def:28750	P	Security update for libmpfr	2020-12-01
oval:org.opensuse.security:def:25909	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:32349	P	Security update for sqlite3 (Important)	2020-12-01
oval:org.opensuse.security:def:28711	P	Security update for icu	2020-12-01
oval:org.opensuse.security:def:26937	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25908	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:28662	P	Security update for finch	2020-12-01
oval:org.opensuse.security:def:26902	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28609	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:26264	P	Security update for gegl (Moderate)	2020-12-01
oval:org.opensuse.security:def:32048	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:28457	P	Security update for xen (Moderate)	2020-12-01
oval:org.mitre.oval:def:28796	P	DSA-2462-2 -- imagemagick -- several vulnerabilities	2015-08-17
oval:org.mitre.oval:def:17311	P	USN-1435-1 -- imagemagick vulnerabilities	2014-06-30
oval:org.mitre.oval:def:19828	P	DSA-2462-1 imagemagick - several	2014-06-23
oval:org.mitre.oval:def:23715	P	ELSA-2012:0544: ImageMagick security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:21390	P	RHSA-2012:0544: ImageMagick security update (Moderate)	2014-02-24
oval:com.ubuntu.precise:def:20121798000	V	CVE-2012-1798 on Ubuntu 12.04 LTS (precise) - low.	2012-06-05
oval:com.redhat.rhsa:def:20120544	P	RHSA-2012:0544: ImageMagick security update (Moderate)	2012-05-07

BACK