CVE-2014-1958

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.8.8-5

Description A buffer overflow issue exists in the DecodePSDPixels function in coders/psd.c, potentially allowing remote attackers to execute arbitrary code via a crafted PSD image. The issue involves the L%06ld string.

Recommendations For versions prior to 6.8.8-5, update to version 6.8.8-5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the DecodePSDPixels function in coders/psd.c until a patch is applied. Avoid using the L%06ld string in PSD images to minimize the risk of exploitation.