ImageMagick(TM) is an image display and manipulation tool for the X Window System that can read and write multiple image formats.
A shell command injection flaw was found in ImageMagick's "display" command. It is possible to execute arbitrary commands by tricking a user into running "display" on a file with a specially crafted name. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2005-4601 to this issue.
A format string flaw was discovered in the way ImageMagick handles filenames. It may be possible to execute arbitrary commands by tricking a user into running a carefully crafted ImageMagick command. (CVE-2006-0082)
Users of ImageMagick should upgrade to these updated packages, which contain backported patches and are not vulnerable to these issues.