Mandriva Linux Security Advisory : graphicsmagick (MDVSA-2012:165)
Medium Nessus Plugin ID 62540
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been found and corrected in graphicsmagick :
The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation (CVE-2012-3438).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.