CVE-2007-4988

Published: 24 September 2007

Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.

Priority

Medium

Status

Package         Release   Status
graphicsmagick  Upstream  Released (1.1.11)
imagemagick     Upstream  Released (6.3.5-9)