diff -uNr -r cacti-0.8.6j-orig/graph_image.php cacti-0.8.6j/graph_image.php
--- cacti-0.8.6j-orig/graph_image.php	2007-01-18 01:23:10.000000000 +0100
+++ cacti-0.8.6j/graph_image.php	2007-06-06 21:00:17.278210000 +0200
@@ -51,22 +51,22 @@
 $graph_data_array = array();
 
 /* override: graph start time (unix time) */
-if (!empty($_GET["graph_start"])) {
+if (!empty($_GET["graph_start"]) && $_GET["graph_start"] < 1600000000) {
 	$graph_data_array["graph_start"] = $_GET["graph_start"];
 }
 
 /* override: graph end time (unix time) */
-if (!empty($_GET["graph_end"])) {
+if (!empty($_GET["graph_end"]) && $_GET["graph_end"] < 1600000000) {
 	$graph_data_array["graph_end"] = $_GET["graph_end"];
 }
 
 /* override: graph height (in pixels) */
-if (!empty($_GET["graph_height"])) {
+if (!empty($_GET["graph_height"]) && $_GET["graph_height"] < 3000) {
 	$graph_data_array["graph_height"] = $_GET["graph_height"];
 }
 
 /* override: graph width (in pixels) */
-if (!empty($_GET["graph_width"])) {
+if (!empty($_GET["graph_width"]) && $_GET["graph_width"] < 3000) {
 	$graph_data_array["graph_width"] = $_GET["graph_width"];
 }