CVE-2006-4144

Published: 15 August 2006

Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.

Priority

Unknown

Status

Package Release Status
graphicsmagick
Launchpad, Ubuntu, Debian
Upstream Needs triage

imagemagick
Launchpad, Ubuntu, Debian
Upstream Needs triage