{"id":"CVE-2012-0259","details":"The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.","modified":"2025-08-09T19:01:27Z","published":"2012-06-05T22:55:07Z","references":[{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2012-0544.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/48679"},{"type":"ADVISORY","url":"http://secunia.com/advisories/48974"},{"type":"ADVISORY","url":"http://secunia.com/advisories/49043"},{"type":"ADVISORY","url":"http://secunia.com/advisories/49063"},{"type":"ADVISORY","url":"http://secunia.com/advisories/49317"},{"type":"ADVISORY","url":"http://secunia.com/advisories/55035"},{"type":"ADVISORY","url":"http://ubuntu.com/usn/usn-1435-1"},{"type":"ADVISORY","url":"http://www.debian.org/security/2012/dsa-2462"},{"type":"REPORT","url":"http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/52898"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id?1027032"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259"},{"type":"ADVISORY","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/74657"},{"type":"WEB","url":"http://www.cert.fi/en/reports/2012/vulnerability635606.html"},{"type":"WEB","url":"http://www.osvdb.org/81021"}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}