diff -ur contrib/image_im_advanced/image_im_advanced.info contrib/image_im_advanced/image_im_advanced.info
--- contrib/image_im_advanced/image_im_advanced.info	2010-07-13 19:08:31.000000000 -0500
+++ contrib/image_im_advanced/image_im_advanced.info	2010-01-16 05:50:08.000000000 -0600
@@ -177,7 +177,7 @@
 
   // Convert to specified color profile.
   if (!empty($options['profile']['path']) && is_readable($options['profile']['path'])) {
-    $args['profile'] = '-profile '. $options['profile']['path'];
+    $args['profile'] = '-profile '. escapeshellarg($options['profile']['path']);
   }
 
   // Assign a color space. Skip this if a color profile has been provided,
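Review bot: After this change `$args['profile']` holds a ready-made, shell-quoted command fragment rather than a plain option, and nothing on the assignment line says so. Any consumer that runs the usual character whitelist over it will strip the quotes again, so I would add a comment above it such as `// Shell-quoted fragment: _image_imagemagick_convert() must pass this through unfiltered.` Also note that `is_readable()` is tested on the raw path, while on Windows `escapeshellarg()` replaces `%`, `!` and `"` with spaces, so the path handed to convert can differ from the one that was checked. The enclosing function starts and ends outside this hunk.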
diff -ur image.imagemagick.inc image.imagemagick.inc
--- image.imagemagick.inc	2009-03-05 19:40:09.000000000 -0600
+++ image.imagemagick.inc	2010-07-23 02:04:12.304293600 -0500
@@ -123,11 +123,17 @@
  * Calls the convert executable with the specified filter.
  */
 function _image_imagemagick_convert($source, $dest, $args) {
-  $command = implode(' ', array(
-    preg_replace("/[^A-Za-z0-9\!\.\-\+\_\/\040]/", '', implode(' ', $args)),
-    escapeshellarg($source),
-    escapeshellarg($dest),
-  ));
+  // Although we're unsure what the legacy code below is attempting to
+  // protect, there's definitely no need to protect the "profile" argument,
+  // and doing it this way doesn't work, so hide "profile" from this.
+  $profile = $args['profile'];
+  unset($args['profile']);
+  $cleaned_args = preg_replace("/[^A-Za-z0-9\!\.\-\+\_\/\040]/", '',
+                                implode(' ', $args));
+  $command = $cleaned_args . " " .
+             ($profile?"$profile ":"") .
+             escapeshellarg($source) . " " .
+             escapeshellarg($dest);
 
   if (0 != _image_imagemagick_convert_exec($command, $output, $errors)) {
     return FALSE;
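Review bot: `$profile = $args['profile'];` reads the key unconditionally, so every call without a colour profile raises an undefined-index notice, and the value is then appended to the shell command with no filtering at all. That makes the command's safety depend entirely on each caller having built the fragment with `escapeshellarg()`, which the new comment ("we're unsure what the legacy code below is attempting to protect") does not record. The `preg_replace` whitelist is what removes shell metacharacters from module-supplied arguments, and the comment should say that and state the contract for `profile`. Moving `profile` out of `$args` also changes its position to after all other options, which may matter because ImageMagick applies options in order; worth confirming against the colour-space handling. The function body continues past the end of this hunk.

```php
function _image_imagemagick_convert($source, $dest, $args) {
  // The whitelist below strips shell metacharacters from module-supplied
  // arguments. 'profile' bypasses it because its quoting would be removed,
  // so callers must build it with escapeshellarg().
  $profile = '';
  if (isset($args['profile'])) {
    $profile = $args['profile'] . ' ';
    unset($args['profile']);
  }
  // … unchanged: $cleaned_args whitelist filter …
  $command = $cleaned_args . ' ' . $profile .
             escapeshellarg($source) . ' ' .
             escapeshellarg($dest);
```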
@@ -147,7 +153,7 @@
     // http://us3.php.net/manual/en/function.exec.php#56599
     // Use /D to run the command from PHP's current working directory so the
     // file paths don't have to be absolute.
-    $convert_path = 'start "window title" /D'. escapeshellarg(getcwd()) .' /B '. escapeshellarg($convert_path);
+    $convert_path = 'start "window title" /D '. escapeshellarg(getcwd()) .' /B '. escapeshellarg($convert_path);
   }
 
   $descriptors = array(
