2007-09-24 22:00:00
mitre
PUBLISHED
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a 0 character to an out-of-bounds address.