CVE-2007-1797

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 6.3.3-5

Description: The issue is related to multiple integer overflows that can be exploited by remote attackers to execute arbitrary code. This can be achieved through a crafted DCM image, which causes a heap-based overflow in the ReadDCMImage function, or by exploiting the colors or comments field in a crafted XWD image, resulting in a heap-based overflow in the ReadXWDImage function.

Recommendations: For versions prior to 6.3.3-5, update to version 6.3.3-5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the ReadDCMImage and ReadXWDImage functions until a patch is applied. Avoid processing crafted DCM or XWD images with vulnerable versions of ImageMagick to minimize the risk of exploitation.