Mandriva Linux Security Advisory MDKSA-2006-155 - Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun bitmap images that trigger heap-based buffer overflows. An integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large bytes_per_pixel, columns, and rows values, which trigger a heap-based buffer overflow.
17ea48c30ae262993a867073c259c4ec7c7c700fdadae830130ae4309c554f4c