CVE-2009-1882
Description
Integer overflow in ImageMagick's XMakeImage function allows remote code execution via crafted TIFF file, affecting versions 6.5.2-8 and GraphicsMagick.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Integer overflow in ImageMagick's XMakeImage function allows remote code execution via crafted TIFF file, affecting versions 6.5.2-8 and GraphicsMagick.
Vulnerability
Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8 and GraphicsMagick (as confirmed in [3]) allows remote attackers to cause a buffer overflow via a specially crafted TIFF file. The overflow occurs when processing image dimensions, leading to undersized buffer allocation.
Exploitation
An attacker can exploit this by providing a malicious TIFF file to an application using ImageMagick or GraphicsMagick to process images. No authentication is required; the attack can be remote if the application accepts user-supplied images. The crafted TIFF triggers the integer overflow, resulting in a heap-based buffer overflow.
Impact
Successful exploitation can lead to denial of service (crash) and potentially arbitrary code execution with the privileges of the application processing the image. The vulnerability affects both ImageMagick and GraphicsMagick.
Mitigation
The fix was included in ImageMagick versions after 6.5.2-8. Users should upgrade to a patched version. For GraphicsMagick, the issue was addressed in subsequent releases. No workarounds are documented in the available references. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4cpe:2.3:a:imagemagick:imagemagick:6.5.2-8:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:imagemagick:imagemagick:6.5.2-8:*:*:*:*:*:*:*
- (no CPE)range: = 6.5.2-8
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
20- secunia.com/advisories/35216nvdVendor Advisory
- imagemagick.org/script/changelog.phpnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-January/033766.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-January/033833.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.htmlnvd
- mirror1.smudge-it.co.uk/imagemagick/www/changelog.htmlnvd
- osvdb.org/54729nvd
- secunia.com/advisories/35382nvd
- secunia.com/advisories/35685nvd
- secunia.com/advisories/36260nvd
- secunia.com/advisories/37959nvd
- secunia.com/advisories/55721nvd
- security.gentoo.org/glsa/glsa-201311-10.xmlnvd
- wiki.rpath.com/Advisories:rPSA-2010-0074nvd
- www.debian.org/security/2009/dsa-1858nvd
- www.openwall.com/lists/oss-security/2009/06/08/1nvd
- www.securityfocus.com/archive/1/514516/100/0/threadednvd
- www.securityfocus.com/bid/35111nvd
- www.vupen.com/english/advisories/2009/1449nvd
- usn.ubuntu.com/784-1/nvd
News mentions
0No linked articles in our index yet.