CVE-2006-4144

EPSS 19.1%

Published: 8/15/2006Modified: 4/28/2026

Description

Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.

Affected packages (2)

Debian/graphicsmagickfrom 0, < 1.1.7-7
Debian/imagemagickfrom 0, < 7:6.2.4.5.dfsg1-0.10

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-4144