ImageIO in Apple OS X prior to 10.10.3 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .sgi file.
apple mac os x