CVE-2012-1798

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.7.6-3

Description The issue allows remote attackers to cause a denial of service, resulting in an out-of-bounds read and crash, via a crafted EXIF IFD in a TIFF image. This is due to a problem in the TIFFGetEXIFProperties function in coders/tiff.c.

Recommendations For versions prior to 6.7.6-3, update to version 6.7.6-3 or later to resolve the issue. As a temporary workaround, consider restricting the processing of TIFF images with crafted EXIF IFD to minimize the risk of exploitation.