ImageMagick Integer Overflow Vulnerability in Sun Decoder Leading to Heap Overflow

Vulnerability

An integer overflow vulnerability has been identified in the Sun decoder of ImageMagick, affecting 32-bit systems and builds. A carefully crafted image triggers the overflow, which leads to an out-of-bounds write on the heap. Versions prior to 7.1.2-15 and 6.9.13-40 are affected; those two releases contain the patch.

Impact

Exploitation of this vulnerability causes a heap-buffer overflow, which can lead to memory corruption and potentially allow for arbitrary code execution.

Remediation

Users can upgrade to ImageMagick versions 7.1.2-15 or 6.9.13-40 to address this vulnerability.
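
To confirm whether a host still runs an affected release, the version banner can be compared numerically against the two fixed versions named above. The following is an added example, not code from the advisory or from ImageMagick. It assumes the banner carries a token of the form "ImageMagick X.Y.Z-P" (as printed by the -version option), uses constructed sample banners, and does not determine whether the build is 32-bit.

```python
import re

# Fixed releases named in the advisory, keyed by major release line.
FIXED = {7: (7, 1, 2, 15), 6: (6, 9, 13, 40)}

# Matches the version token in a banner such as
# "Version: ImageMagick 7.1.1-47 Q16-HDRI x86_64 ..."
VERSION_RE = re.compile(r"ImageMagick\s+(\d+)\.(\d+)\.(\d+)-(\d+)")


def parse_version(banner):
    """Return (major, minor, micro, patch) as integers from a version banner."""
    m = VERSION_RE.search(banner)
    if m is None:
        raise ValueError("no ImageMagick version token found")
    return tuple(int(part) for part in m.groups())


def classify(banner):
    """Return 'affected', 'patched', or 'unknown' for an unlisted release line."""
    version = parse_version(banner)
    fixed = FIXED.get(version[0])
    if fixed is None:
        return "unknown"
    # Integer tuple comparison: 7.1.10-0 sorts after 7.1.2-15 and
    # 6.9.13-4 sorts before 6.9.13-40, which string comparison gets wrong.
    return "patched" if version >= fixed else "affected"


# Constructed sample banners (not captured from real hosts).
SAMPLES = [
    "Version: ImageMagick 7.1.2-14 Q16-HDRI x86_64",
    "Version: ImageMagick 7.1.2-15 Q16-HDRI x86_64",
    "Version: ImageMagick 7.1.10-0 Q16-HDRI x86_64",
    "Version: ImageMagick 6.9.13-4 Q16 i686",
    "Version: ImageMagick 6.9.13-40 Q16 i686",
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(classify(banner), "<-", banner)
```

A result of "affected" reflects the version only; the advisory limits the issue to 32-bit systems and builds, so the build architecture still has to be confirmed separately.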

Added: Feb 24, 2026, 2:23 AM
Updated: Feb 24, 2026, 2:23 AM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 1.3
exploitability: 2.9
remediation: 7.7
relevance: 3.4
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.