Improper Memory Allocation in Magick_png_malloc Function in GraphicsMagick 6.7.8-6

Improper Memory Allocation in Magick_png_malloc Function in GraphicsMagick 6.7.8-6

CVE-2012-3438 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.

Learn more about our Web Application Penetration Testing UK.