ImageMagick < 6.7.6-4 profile.c Heap-Based Buffer Overflow
Medium Nessus Plugin ID 59371
SynopsisThe remote Windows host contains an application that is affected by
a buffer overflow vulnerability.
DescriptionThe remote Windows host is running a version of ImageMagick earlier
than 6.7.6-4 and is, therefore, affected by a heap-based buffer
overflow vulnerability because the fix for CVE-2012-0259 was
The functions 'GetEXIFProperty' and 'SyncImageProfiles' in the file
'magick/profile.c' do not properly validate user-supplied input. This
error can cause the application to crash when processing certain
SolutionUpgrade to ImageMagick version 6.7.6-4 or later.
Note that you may need to manually uninstall the vulnerable version
from the system.