{"id":"CVE-2012-3437","details":"The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.","modified":"2026-01-27T04:11:18.043269Z","published":"2012-08-07T21:55:02Z","withdrawn":"2026-01-27T04:11:18.043269Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/50091"},{"type":"ADVISORY","url":"http://secunia.com/advisories/50398"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:160"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:092"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-1544-1"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=844101"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00101.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/54714"},{"type":"WEB","url":"http://www.securitytracker.com/id?1027321"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/77260"},{"type":"WEB","url":"https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243"}],"schema_version":"1.7.3"}