In association with heise online

16 August 2006, 08:40

Security Hole in free graphics program ImageMagick

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The security experts from have discovered a security hole in the cost-free open source graphics program ImageMagick. It could be used by attackers to plant malicious code. The error can occur during the processing of manipulated images in SGI format.

Integer variables can be forced to overrun by setting large values in specific parameter fields of an SGI image used for calculating image size. This leads to the allocation of insufficient memory for the subsequent image operations. The new version of the graphics software, 6.2.9, closes this security breach.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit