Novell Home

CVE-2012-3438

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-3438 at MITRE

Description

The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.

NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Novell/SUSE information

Novell Bugzilla entry: 773612, 785093

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP4 for x86
  • ImageMagick >= 6.2.5-16.36.2
  • ImageMagick-Magick++ >= 6.2.5-16.36.2
  • ImageMagick-devel >= 6.2.5-16.36.2
  • perl-PerlMagick >= 6.2.5-16.36.2
Builds
ZYPP Patch Nr: 8512
SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
SLE SDK 10 SP4 for IBM zSeries
SLE SDK 10 SP4 for IPF
SLE SDK 10 SP4 for X86-64
SLE SDK 10 SP4 for x86
  • ImageMagick >= 6.2.5-16.36.2
  • ImageMagick-Magick++ >= 6.2.5-16.36.2
  • ImageMagick-Magick++-devel >= 6.2.5-16.36.2
  • ImageMagick-devel >= 6.2.5-16.36.2
  • perl-PerlMagick >= 6.2.5-16.36.2
Builds
ZYPP Patch Nr: 8512
SUSE Studio Extension for System z 1.2
SUSE Studio Onsite 1.2 [Appliance - Studio]
  • GraphicsMagick >= 1.2.5-4.33.3
  • libGraphicsMagick2 >= 1.2.5-4.33.3
Builds
SAT Patch Nr: 7722
SLE 11 SP2 DEBUGINFO
  • GraphicsMagick-debuginfo >= 1.2.5-4.33.1
  • GraphicsMagick-debugsource >= 1.2.5-4.33.1
Builds
SAT Patch Nr: 7528
SUSE Linux Enterprise Software Development Kit 11 SP2
  • GraphicsMagick >= 1.2.5-4.33.1
  • libGraphicsMagick2 >= 1.2.5-4.33.1
  • perl-GraphicsMagick >= 1.2.5-4.33.1
Builds
SAT Patch Nr: 7528
SUSE Studio Onsite 1.3
  • GraphicsMagick >= 1.2.5-4.33.1
  • libGraphicsMagick2 >= 1.2.5-4.33.1
Builds
SAT Patch Nr: 7528
SLE 11 SP2 DEBUGINFO
  • ImageMagick-debuginfo >= 6.4.3.6-7.26.1
  • ImageMagick-debugsource >= 6.4.3.6-7.26.1
Builds
SAT Patch Nr: 7520
SUSE Linux Enterprise Software Development Kit 11 SP2
  • ImageMagick >= 6.4.3.6-7.26.1
  • ImageMagick-devel >= 6.4.3.6-7.26.1
  • libMagick++-devel >= 6.4.3.6-7.26.1
  • libMagick++1 >= 6.4.3.6-7.26.1
  • libMagickWand1 >= 6.4.3.6-7.26.1
  • perl-PerlMagick >= 6.4.3.6-7.26.1
Builds
SAT Patch Nr: 7520
SUSE Linux Enterprise Software Development Kit 11 SP2
  • ImageMagick >= 6.4.3.6-7.26.1
  • ImageMagick-devel >= 6.4.3.6-7.26.1
  • libMagick++-devel >= 6.4.3.6-7.26.1
  • libMagick++1 >= 6.4.3.6-7.26.1
  • libMagickWand1 >= 6.4.3.6-7.26.1
  • libMagickWand1-32bit >= 6.4.3.6-7.26.1
  • perl-PerlMagick >= 6.4.3.6-7.26.1
Builds
SAT Patch Nr: 7520
SUSE Linux Enterprise Desktop 11 SP2
  • ImageMagick >= 6.4.3.6-7.26.1
  • libMagick++1 >= 6.4.3.6-7.26.1
  • libMagickCore1 >= 6.4.3.6-7.26.1
  • libMagickWand1 >= 6.4.3.6-7.26.1
Builds
SAT Patch Nr: 7520
SUSE Linux Enterprise Desktop 11 SP2
  • ImageMagick >= 6.4.3.6-7.26.1
  • libMagick++1 >= 6.4.3.6-7.26.1
  • libMagickCore1 >= 6.4.3.6-7.26.1
  • libMagickCore1-32bit >= 6.4.3.6-7.26.1
  • libMagickWand1 >= 6.4.3.6-7.26.1
Builds
SAT Patch Nr: 7520
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libMagickCore1 >= 6.4.3.6-7.26.1
Builds
SAT Patch Nr: 7520
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libMagickCore1 >= 6.4.3.6-7.26.1
  • libMagickCore1-32bit >= 6.4.3.6-7.26.1
Builds
SAT Patch Nr: 7520

© 2014 Novell