ImageMagick is vulnerable to an out-of-bounds read / heap overflow in the function ReadDCMImage() in the file dcm.c. GraphicsMagick, which is a fork of ImageMagick, is not affected.
The issue was found with the help of AddressSanitizer and the fuzzing tool zzuf.
ImageMagick has released version 6.8.9-9 which fixes this and some other out-of-bounds issues.
2014-10-24: Discovery, informed upstream developers
2014-10-25: Patch in upstream SVN
2014-10-25: Upstream released 6.8.9-9 with fix
Patch / upstream commit
Fuzzing sample (try with identify or convert)
Hanno Böck, 2014-11-01