{"id":"CVE-2008-6071","details":"Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image.  NOTE: some of these details are obtained from third party information.","modified":"2025-08-09T19:01:27Z","published":"2009-02-10T06:59:34Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/30549"},{"type":"WEB","url":"http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/coders/pict.c"},{"type":"WEB","url":"http://sourceforge.net/project/shownotes.php?release_id=604785"},{"type":"WEB","url":"http://sourceforge.net/project/shownotes.php?release_id=604837"},{"type":"WEB","url":"http://sourceforge.net/project/shownotes.php?release_id=604837&group_id=73485"},{"type":"WEB","url":"http://www.securityfocus.com/bid/29583"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42906"}],"schema_version":"1.7.3"}