6.6.4.0

DATE	CVE	VULNERABILITY TITLE	RISK
2012-06-05	CVE-2012-1610	Integer Overflow OR Wraparound vulnerability in multiple products Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. network low complexity imagemagick debian canonical opensuse CWE-190	5.0
2012-06-05	CVE-2012-1186	Infinite Loop vulnerability in multiple products Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. local low complexity imagemagick debian canonical opensuse CWE-835	5.5
2012-06-05	CVE-2012-1185	Integer Overflow or Wraparound vulnerability in multiple products Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. local low complexity imagemagick debian canonical opensuse CWE-190	7.8
2012-06-05	CVE-2012-0260	Resource Exhaustion vulnerability in Imagemagick The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers. network imagemagick canonical debian redhat opensuse CWE-400	4.3
2012-06-05	CVE-2012-0259	Out-Of-Bounds Read vulnerability in Imagemagick The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read. network imagemagick debian canonical opensuse CWE-125	4.3
2012-06-05	CVE-2012-0248	Infinite Loop vulnerability in Imagemagick ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. network imagemagick debian canonical redhat CWE-835	4.3
2012-06-05	CVE-2012-0247	Improper Input Validation vulnerability in Imagemagick ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image. network imagemagick debian canonical redhat CWE-20	6.8
2010-11-22	CVE-2010-4167	Local Privilege Escalation vulnerability in ImageMagick 'configure.c' Configuration File Loading Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. local imagemagick	6.9