ImageMagick is vulnerable to arbitrary code execution. A heap-based buffer overflow flaw was found in the way ImageMagick parsed XCF files. If a specially crafted XCF image was opened, ImageMagick could be made to overwrite heap memory beyond the bounds of its allocated memory. This could potentially allow an attacker to execute arbitrary code on the machine running ImageMagick.
bugs.debian.org/cgi-bin/bugreport.cgi?bug=414370
lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
osvdb.org/43212
secunia.com/advisories/29786
secunia.com/advisories/30967
secunia.com/advisories/32945
secunia.com/advisories/36260
www.debian.org/security/2009/dsa-1858
www.mandriva.com/security/advisories?name=MDVSA-2008:099
www.redhat.com/security/updates/classification/#moderate
www.redhat.com/support/errata/RHSA-2008-0145.html
www.securityfocus.com/bid/28821
www.securitytracker.com/id?1019880
www.ubuntu.com/usn/USN-681-1
access.redhat.com/errata/RHSA-2008:0145
bugzilla.redhat.com/show_bug.cgi?id=286411
exchange.xforce.ibmcloud.com/vulnerabilities/41194
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10843