Description: SUSE has issued an update for imagemagick. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
1) A format string error within the handling of filenames can be exploited to execute arbitrary code by via a specially crafted filename containing format specifiers.
2) An unspecified boundary error within the handling of SGI files can be exploited cause a heap-based buffer overflow and potentially execute arbitrary code via a specially crafted SGI file.
This update also fixes some other errors in the handling of TIFF and PSD images, which can be exploited to crash ImageMagick.
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.