Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8895