An integer overflow bug was posted to full-disclosure describing an integer overflow bug in the way ImageMagick parses SGI image files. http://www.securityfocus.com/archive/1/archive/1/443208/100/0/threaded
Created attachment 134304: Demo Image from the reporter
The patch for this issue can be extracted from subversion: svn diff -r 3812:3813 https://subversion.imagemagick.org/subversion/
This issue also affects RHEL2.1 and RHEL3
Ok, I added another testcase with the demo image, and did 5.3.8-16 5.5.6-20 6.0.7.1-16
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0633.html