Stefan Cornelius discovered a buffer overflow in devil, a cross-platform image loading and manipulation toolkit, which could be triggered via a crafted Radiance RGBE file. This could potentially lead to the execution of arbitrary code.