{"id": "CVE-2015-4588", "bulletinFamily": "NVD", "title": "CVE-2015-4588", "description": "Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted \"run-length count\" in an image in a WMF file.", "published": "2015-07-01T14:59:00", "modified": "2018-10-30T16:27:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4588", "reporter": "cve@mitre.org", "references": ["http://lists.opensuse.org/opensuse-updates/2015-06/msg00051.html", "http://lists.opensuse.org/opensuse-updates/2015-07/msg00018.html", "http://www.debian.org/security/2015/dsa-3302", "https://security.gentoo.org/glsa/201602-03", "https://bugzilla.redhat.com/show_bug.cgi?id=1227243", "http://www.openwall.com/lists/oss-security/2015/06/03/6", "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "http://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html", "http://www.securityfocus.com/bid/75230", "http://www.openwall.com/lists/oss-security/2015/06/16/4", "http://www.securitytracker.com/id/1032771", "http://rhn.redhat.com/errata/RHSA-2015-1917.html", "http://www.ubuntu.com/usn/USN-2670-1", "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160668.html"], "cvelist": ["CVE-2015-4588"], "type": "cve", "lastseen": "2019-05-29T18:14:42", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "69700431004c41a40c903beab942243e"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d3c215d2a169711fa6da928189e09097"}, {"key": "cpe23", "hash": "a797202691badc5ce9105a71c520941a"}, {"key": "cvelist", "hash": "09665f20ac866e92d3439fa0a47ce5a4"}, {"key": "cvss", "hash": "4cac367be6dd8242802053610be9dee6"}, {"key": "cvss2", "hash": "ed680418e7920255a42996cf5fef98da"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "bb61a0949f8c36262500079f243672e2"}, {"key": "description", "hash": "7400985414ae9c04f69c0031ff2024fb"}, {"key": "href", "hash": "eacd9727938171fdec45402f45d628c1"}, {"key": "modified", "hash": "fd717ad1064d16c8f2da2ff609afc05e"}, {"key": "published", "hash": "44788466a29fb44880c4aaff30783fd3"}, {"key": "references", "hash": "e47591d40c44241b13234b0a080585bb"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "bb7252c6d21499ccf4f8b6e71c1612a6"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "230b269acc7231296ca02edbe7845f0f008bb51ac7fa1e42f0a8dd699faff64a", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "debian", "idList": ["DEBIAN:DLA-253-1:570D2", "DEBIAN:DSA-3302-1:1B9B5"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-253.NASL", "FEDORA_2015-9674.NASL", "OPENSUSE-2015-444.NASL", "OPENSUSE-2015-443.NASL", "ORACLELINUX_ELSA-2015-1917.NASL", "GENTOO_GLSA-201602-03.NASL", "OPENSUSE-2015-477.NASL", "SUSE_SU-2015-1484-1.NASL", "REDHAT-RHSA-2015-1917.NASL", "UBUNTU_USN-2670-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310869463", "OPENVAS:1361412562310842276", "OPENVAS:1361412562310882298", "OPENVAS:1361412562310703302", "OPENVAS:1361412562310121442", "OPENVAS:1361412562310871460", "OPENVAS:1361412562310122715", "OPENVAS:1361412562310869822", "OPENVAS:1361412562310869739", "OPENVAS:703302"]}, {"type": "gentoo", "idList": ["GLSA-201602-03"]}, {"type": "redhat", "idList": ["RHSA-2015:1917"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14583", "SECURITYVULNS:DOC:32317"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1917"]}, {"type": "centos", "idList": ["CESA-2015:1917"]}, {"type": "ubuntu", "idList": ["USN-2670-1"]}, {"type": "amazon", "idList": ["ALAS-2015-604"]}, {"type": "freebsd", "idList": ["CA139C7F-2A8C-11E5-A4A5-002590263BF5"]}, {"type": "slackware", "idList": ["SSA-2018-120-01"]}, {"type": "kitploit", "idList": ["KITPLOIT:2973941148692546578"]}], "modified": "2019-05-29T18:14:42"}, "score": {"value": 7.5, "vector": "NONE", "modified": "2019-05-29T18:14:42"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "cpe": ["cpe:/a:opensuse:opensuse:13.2", "cpe:/o:opensuse:opensuse:13.1", "cpe:/o:fedoraproject:fedora:21", "cpe:/a:fedoraproject:fedora:21", "cpe:/o:opensuse:opensuse:13.2", "cpe:/a:wvware:libwmf:0.2.8.4", "cpe:/a:opensuse:opensuse:13.1"], "affectedSoftware": [{"name": "fedoraproject fedora", "operator": "eq", "version": "21"}, {"name": "wvware libwmf", "operator": "eq", "version": "0.2.8.4"}, {"name": "opensuse opensuse", "operator": "eq", "version": "13.2"}, {"name": "opensuse opensuse", "operator": "eq", "version": "13.1"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:wvware:libwmf:0.2.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"], "cwe": ["CWE-119"]}

{"debian": [{"lastseen": "2019-05-30T02:22:31", "bulletinFamily": "unix", "description": "Package : libwmf\nVersion : 0.2.8.4-6.2+deb6u1\nCVE ID : CVE-2015-0848 CVE-2015-4588\nDebian Bug : #787644\n\nThe following vulnerabilities were discovered in the Windows Metafile\nconversion library when reading BMP images embedded into WMF files:\n\nCVE-2015-0848\n\n A heap overflow when decoding embedded BMP images that don&#x27;t use 8 bits per\n pixel.\n \nCVE-2015-4588\n\n A missing check in the RLE decoding of embedded BMP images.\n\nWe recommend that you update your libwmf packages.\n", "modified": "2015-06-26T07:14:51", "published": "2015-06-26T07:14:51", "id": "DEBIAN:DLA-253-1:570D2", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201506/msg00020.html", "title": "[SECURITY] [DLA 253-1] libwmf security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:21:58", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3302-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJuly 06, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libwmf\nCVE ID : CVE-2015-0848 CVE-2015-4588 CVE-2015-4695 CVE-2015-4696\n\nInsufficient input sanitising in libwmf, a library to process Windows\nmetafile data, may result in denial of service or the execution of\narbitrary code if a malformed WMF file is opened.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 0.2.8.4-10.3+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 0.2.8.4-10.3+deb8u1.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your libwmf packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2015-07-06T20:59:25", "published": "2015-07-06T20:59:25", "id": "DEBIAN:DSA-3302-1:1B9B5", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00198.html", "title": "[SECURITY] [DSA 3302-1] libwmf security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:36:14", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-06-25T00:00:00", "id": "OPENVAS:1361412562310869463", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869463", "title": "Fedora Update for libwmf FEDORA-2015-9674", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libwmf FEDORA-2015-9674\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869463\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-25 06:31:38 +0200 (Thu, 25 Jun 2015)\");\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libwmf FEDORA-2015-9674\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libwmf'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libwmf on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9674\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160668.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~43.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:39", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-07-09T00:00:00", "id": "OPENVAS:1361412562310842276", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842276", "title": "Ubuntu Update for libwmf USN-2670-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for libwmf USN-2670-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842276\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-09 06:37:46 +0200 (Thu, 09 Jul 2015)\");\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for libwmf USN-2670-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libwmf'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Fernando Mu&#241 oz and Stefan Cornelius\ndiscovered that libwmf incorrectly handled certain malformed images. If a user\nor automated system were tricked into opening a crafted image file, an attacker\ncould cause a denial of service or execute arbitrary code with privileges of the\nuser invoking the program.\");\n script_tag(name:\"affected\", value:\"libwmf on Ubuntu 14.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2670-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2670-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libwmf0.2-7:amd64\", ver:\"0.2.8.4-10.3ubuntu1.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libwmf0.2-7:i386\", ver:\"0.2.8.4-10.3ubuntu1.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libwmf0.2-7:amd64\", ver:\"0.2.8.4-10.3ubuntu1.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libwmf0.2-7:i386\", ver:\"0.2.8.4-10.3ubuntu1.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libwmf0.2-7\", ver:\"0.2.8.4-10ubuntu1.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:51", "bulletinFamily": "scanner", "description": "Check the version of libwmf", "modified": "2019-03-08T00:00:00", "published": "2015-10-21T00:00:00", "id": "OPENVAS:1361412562310882298", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882298", "title": "CentOS Update for libwmf CESA-2015:1917 centos7", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libwmf CESA-2015:1917 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882298\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-21 07:11:25 +0200 (Wed, 21 Oct 2015)\");\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for libwmf CESA-2015:1917 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of libwmf\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"libwmf is a library for reading and converting Windows Metafile Format\n(WMF) vector graphics. libwmf is used by applications such as GIMP and\nImageMagick.\n\nIt was discovered that libwmf did not correctly process certain WMF\n(Windows Metafiles) with embedded BMP images. By tricking a victim into\nopening a specially crafted WMF file in an application using libwmf, a\nremote attacker could possibly use this flaw to execute arbitrary code with\nthe privileges of the user running the application. (CVE-2015-0848,\nCVE-2015-4588)\n\nIt was discovered that libwmf did not properly process certain WMF files.\nBy tricking a victim into opening a specially crafted WMF file in an\napplication using libwmf, a remote attacker could possibly exploit this\nflaw to cause a crash or execute arbitrary code with the privileges of the\nuser running the application. (CVE-2015-4696)\n\nIt was discovered that libwmf did not properly process certain WMF files.\nBy tricking a victim into opening a specially crafted WMF file in an\napplication using libwmf, a remote attacker could possibly exploit this\nflaw to cause a crash. (CVE-2015-4695)\n\nAll users of libwmf are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdate, all applications using libwmf must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"libwmf on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1917\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-October/021435.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~41.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwmf-devel\", rpm:\"libwmf-devel~0.2.8.4~41.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwmf-lite\", rpm:\"libwmf-lite~0.2.8.4~41.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:53", "bulletinFamily": "scanner", "description": "Insufficient input sanitising\nin libwmf, a library to process Windows metafile data, may result in denial of\nservice or the execution of arbitrary code if a malformed WMF file is opened.", "modified": "2019-03-18T00:00:00", "published": "2015-07-06T00:00:00", "id": "OPENVAS:1361412562310703302", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703302", "title": "Debian Security Advisory DSA 3302-1 (libwmf - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3302.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3302-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703302\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_name(\"Debian Security Advisory DSA 3302-1 (libwmf - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-06 00:00:00 +0200 (Mon, 06 Jul 2015)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3302.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"libwmf on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 0.2.8.4-10.3+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 0.2.8.4-10.3+deb8u1.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your libwmf packages.\");\n script_tag(name:\"summary\", value:\"Insufficient input sanitising\nin libwmf, a library to process Windows metafile data, may result in denial of\nservice or the execution of arbitrary code if a malformed WMF file is opened.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libwmf-bin\", ver:\"0.2.8.4-10.3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwmf-dev\", ver:\"0.2.8.4-10.3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwmf-doc\", ver:\"0.2.8.4-10.3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwmf0.2-7:amd64\", ver:\"0.2.8.4-10.3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwmf0.2-7:i386\", ver:\"0.2.8.4-10.3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:43", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2015-1917", "modified": "2018-09-28T00:00:00", "published": "2015-10-21T00:00:00", "id": "OPENVAS:1361412562310122715", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122715", "title": "Oracle Linux Local Check: ELSA-2015-1917", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1917.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122715\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-21 13:05:26 +0300 (Wed, 21 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1917\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1917 - libwmf security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1917\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1917.html\");\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~41.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libwmf-devel\", rpm:\"libwmf-devel~0.2.8.4~41.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libwmf-lite\", rpm:\"libwmf-lite~0.2.8.4~41.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~25.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libwmf-devel\", rpm:\"libwmf-devel~0.2.8.4~25.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libwmf-lite\", rpm:\"libwmf-lite~0.2.8.4~25.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:11", "bulletinFamily": "scanner", "description": "Gentoo Linux Local Security Checks GLSA 201602-03", "modified": "2018-10-26T00:00:00", "published": "2016-03-02T00:00:00", "id": "OPENVAS:1361412562310121442", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121442", "title": "Gentoo Security Advisory GLSA 201602-03", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201602-03.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.fi>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121442\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-02 07:03:17 +0200 (Wed, 02 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201602-03\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in libwmf. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201602-03\");\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201602-03\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"media-libs/libwmf\", unaffected: make_list(\"ge 0.2.8.4-r6\"), vulnerable: make_list(\"lt 0.2.8.4-r6\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:34", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-10-21T00:00:00", "id": "OPENVAS:1361412562310871460", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871460", "title": "RedHat Update for libwmf RHSA-2015:1917-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for libwmf RHSA-2015:1917-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871460\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-21 07:10:12 +0200 (Wed, 21 Oct 2015)\");\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for libwmf RHSA-2015:1917-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libwmf'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"libwmf is a library for reading and converting Windows Metafile Format\n(WMF) vector graphics. libwmf is used by applications such as GIMP and\nImageMagick.\n\nIt was discovered that libwmf did not correctly process certain WMF\n(Windows Metafiles) with embedded BMP images. By tricking a victim into\nopening a specially crafted WMF file in an application using libwmf, a\nremote attacker could possibly use this flaw to execute arbitrary code with\nthe privileges of the user running the application. (CVE-2015-0848,\nCVE-2015-4588)\n\nIt was discovered that libwmf did not properly process certain WMF files.\nBy tricking a victim into opening a specially crafted WMF file in an\napplication using libwmf, a remote attacker could possibly exploit this\nflaw to cause a crash or execute arbitrary code with the privileges of the\nuser running the application. (CVE-2015-4696)\n\nIt was discovered that libwmf did not properly process certain WMF files.\nBy tricking a victim into opening a specially crafted WMF file in an\napplication using libwmf, a remote attacker could possibly exploit this\nflaw to cause a crash. (CVE-2015-4695)\n\nAll users of libwmf are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdate, all applications using libwmf must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"libwmf on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1917-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-October/msg00025.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~41.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwmf-debuginfo\", rpm:\"libwmf-debuginfo~0.2.8.4~41.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwmf-lite\", rpm:\"libwmf-lite~0.2.8.4~41.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~25.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwmf-debuginfo\", rpm:\"libwmf-debuginfo~0.2.8.4~25.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwmf-lite\", rpm:\"libwmf-lite~0.2.8.4~25.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:40", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-07-30T00:00:00", "id": "OPENVAS:1361412562310869822", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869822", "title": "Fedora Update for libwmf FEDORA-2015-10601", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libwmf FEDORA-2015-10601\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869822\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-30 05:08:04 +0200 (Thu, 30 Jul 2015)\");\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libwmf FEDORA-2015-10601\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libwmf'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libwmf on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-10601\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-July/162569.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~45.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:26", "bulletinFamily": "scanner", "description": "Check the version of libwmf", "modified": "2019-03-08T00:00:00", "published": "2015-10-21T00:00:00", "id": "OPENVAS:1361412562310882299", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882299", "title": "CentOS Update for libwmf CESA-2015:1917 centos6", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libwmf CESA-2015:1917 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882299\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-21 07:11:37 +0200 (Wed, 21 Oct 2015)\");\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for libwmf CESA-2015:1917 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of libwmf\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"libwmf is a library for reading and converting Windows Metafile Format\n(WMF) vector graphics. libwmf is used by applications such as GIMP and\nImageMagick.\n\nIt was discovered that libwmf did not correctly process certain WMF\n(Windows Metafiles) with embedded BMP images. By tricking a victim into\nopening a specially crafted WMF file in an application using libwmf, a\nremote attacker could possibly use this flaw to execute arbitrary code with\nthe privileges of the user running the application. (CVE-2015-0848,\nCVE-2015-4588)\n\nIt was discovered that libwmf did not properly process certain WMF files.\nBy tricking a victim into opening a specially crafted WMF file in an\napplication using libwmf, a remote attacker could possibly exploit this\nflaw to cause a crash or execute arbitrary code with the privileges of the\nuser running the application. (CVE-2015-4696)\n\nIt was discovered that libwmf did not properly process certain WMF files.\nBy tricking a victim into opening a specially crafted WMF file in an\napplication using libwmf, a remote attacker could possibly exploit this\nflaw to cause a crash. (CVE-2015-4695)\n\nAll users of libwmf are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdate, all applications using libwmf must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"libwmf on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1917\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-October/021434.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~25.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwmf-devel\", rpm:\"libwmf-devel~0.2.8.4~25.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwmf-lite\", rpm:\"libwmf-lite~0.2.8.4~25.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:07", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-07-11T00:00:00", "id": "OPENVAS:1361412562310869739", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869739", "title": "Fedora Update for libwmf FEDORA-2015-10627", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libwmf FEDORA-2015-10627\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869739\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-11 06:04:29 +0200 (Sat, 11 Jul 2015)\");\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libwmf FEDORA-2015-10627\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libwmf'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libwmf on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-10627\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-July/161636.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~45.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2019-02-21T01:24:25", "bulletinFamily": "scanner", "description": "The following vulnerabilities were discovered in the Windows Metafile conversion library when reading BMP images embedded into WMF files :\n\nCVE-2015-0848\n\nA heap overflow when decoding embedded BMP images that don't use 8 bits per pixel. CVE-2015-4588\n\nA missing check in the RLE decoding of embedded BMP images.\n\nWe recommend that you update your libwmf packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-07-06T00:00:00", "id": "DEBIAN_DLA-253.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84407", "published": "2015-06-26T00:00:00", "title": "Debian DLA-253-1 : libwmf security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-253-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84407);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2018/07/06 11:26:06\");\n\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\");\n script_bugtraq_id(74923, 75230);\n\n script_name(english:\"Debian DLA-253-1 : libwmf security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following vulnerabilities were discovered in the Windows Metafile\nconversion library when reading BMP images embedded into WMF files :\n\nCVE-2015-0848\n\nA heap overflow when decoding embedded BMP images that don't use 8\nbits per pixel. CVE-2015-4588\n\nA missing check in the RLE decoding of embedded BMP images.\n\nWe recommend that you update your libwmf packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/06/msg00020.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/libwmf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwmf-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwmf-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwmf-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwmf0.2-7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libwmf-bin\", reference:\"0.2.8.4-6.2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libwmf-dev\", reference:\"0.2.8.4-6.2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libwmf-doc\", reference:\"0.2.8.4-6.2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libwmf0.2-7\", reference:\"0.2.8.4-6.2+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:24", "bulletinFamily": "scanner", "description": "CVE-2015-0848 heap overflow when decoding BMP images CVE-2015-0848 heap overflow when decoding BMP images\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2015-9674.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84377", "published": "2015-06-25T00:00:00", "title": "Fedora 21 : libwmf-0.2.8.4-43.fc21 (2015-9674)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-9674.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84377);\n script_version(\"$Revision: 2.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 23:22:35 $\");\n\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\");\n script_xref(name:\"FEDORA\", value:\"2015-9674\");\n\n script_name(english:\"Fedora 21 : libwmf-0.2.8.4-43.fc21 (2015-9674)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2015-0848 heap overflow when decoding BMP images CVE-2015-0848\nheap overflow when decoding BMP images\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1227243\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160668.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2749ec58\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwmf package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libwmf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"libwmf-0.2.8.4-43.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwmf\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:24", "bulletinFamily": "scanner", "description": "libwmf was updated to fix two security issues.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2015-0848: An attacker that could trick a victim into opening a specially crafted WMF file with BMP portions in a libwmf based application could have executed arbitrary code with the user's privileges.\n (boo#933109)\n\n - CVE-2015-0848: An attacker that could trick a victim into opening a specially crafted WMF file in a libwmf based application could have executed arbitrary code through incorrect run-length encoding. (boo#933109)", "modified": "2015-07-06T00:00:00", "id": "OPENSUSE-2015-444.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84385", "published": "2015-06-25T00:00:00", "title": "openSUSE Security Update : libwmf (openSUSE-2015-444)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-444.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84385);\n script_version(\"$Revision: 2.2 $\");\n script_cvs_date(\"$Date: 2015/07/06 13:45:35 $\");\n\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\");\n\n script_name(english:\"openSUSE Security Update : libwmf (openSUSE-2015-444)\");\n script_summary(english:\"Check for the openSUSE-2015-444 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libwmf was updated to fix two security issues.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2015-0848: An attacker that could trick a victim\n into opening a specially crafted WMF file with BMP\n portions in a libwmf based application could have\n executed arbitrary code with the user's privileges.\n (boo#933109)\n\n - CVE-2015-0848: An attacker that could trick a victim\n into opening a specially crafted WMF file in a libwmf\n based application could have executed arbitrary code\n through incorrect run-length encoding. (boo#933109)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=933109\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwmf packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-0_2-7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-0_2-7-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-0_2-7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-0_2-7-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-gnome-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-gnome-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-gnome-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-0_2-7-0.2.8.4-239.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-0_2-7-debuginfo-0.2.8.4-239.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-debugsource-0.2.8.4-239.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-devel-0.2.8.4-239.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-gnome-0.2.8.4-239.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-gnome-debuginfo-0.2.8.4-239.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-tools-0.2.8.4-239.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-tools-debuginfo-0.2.8.4-239.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libwmf-0_2-7-32bit-0.2.8.4-239.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libwmf-0_2-7-debuginfo-32bit-0.2.8.4-239.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libwmf-gnome-32bit-0.2.8.4-239.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libwmf-gnome-debuginfo-32bit-0.2.8.4-239.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwmf-0_2-7 / libwmf-0_2-7-32bit / libwmf-0_2-7-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:24", "bulletinFamily": "scanner", "description": "libwmf was updated to fix three security issues and one non-security bug.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2015-0848: An attacker that could trick a victim into opening a specially crafted WMF file with BMP portions in a libwmf based application could have executed arbitrary code with the user's privileges.\n (boo#933109)\n\n - CVE-2015-0848: An attacker that could trick a victim into opening a specially crafted WMF file in a libwmf based application could have executed arbitrary code through incorrect run-length encoding. (boo#933109)\n\n - CVE-2009-1364: Use-after-free vulnerability in the embedded GD library in libwmf allowed context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file. (boo#495842, boo#831299)\n\nThe following non-security bug was fixed :\n\n - boo#892356: Make libwmf-tools not depend on libwmf-devel", "modified": "2015-06-25T00:00:00", "id": "OPENSUSE-2015-443.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84384", "published": "2015-06-25T00:00:00", "title": "openSUSE Security Update : libwmf (openSUSE-2015-443)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-443.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84384);\n script_version(\"$Revision: 2.1 $\");\n script_cvs_date(\"$Date: 2015/06/25 13:16:54 $\");\n\n script_cve_id(\"CVE-2009-1364\", \"CVE-2015-0848\", \"CVE-2015-4588\");\n\n script_name(english:\"openSUSE Security Update : libwmf (openSUSE-2015-443)\");\n script_summary(english:\"Check for the openSUSE-2015-443 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libwmf was updated to fix three security issues and one non-security\nbug.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2015-0848: An attacker that could trick a victim\n into opening a specially crafted WMF file with BMP\n portions in a libwmf based application could have\n executed arbitrary code with the user's privileges.\n (boo#933109)\n\n - CVE-2015-0848: An attacker that could trick a victim\n into opening a specially crafted WMF file in a libwmf\n based application could have executed arbitrary code\n through incorrect run-length encoding. (boo#933109)\n\n - CVE-2009-1364: Use-after-free vulnerability in the\n embedded GD library in libwmf allowed context-dependent\n attackers to cause a denial of service (application\n crash) or possibly execute arbitrary code via a crafted\n WMF file. (boo#495842, boo#831299)\n\nThe following non-security bug was fixed :\n\n - boo#892356: Make libwmf-tools not depend on libwmf-devel\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=495842\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=831299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=892356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=933109\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwmf packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-0_2-7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-0_2-7-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-0_2-7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-0_2-7-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-gnome-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-gnome-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-gnome-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-0_2-7-0.2.8.4-234.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-0_2-7-debuginfo-0.2.8.4-234.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-debugsource-0.2.8.4-234.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-devel-0.2.8.4-234.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-gnome-0.2.8.4-234.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-gnome-debuginfo-0.2.8.4-234.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-tools-0.2.8.4-234.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-tools-debuginfo-0.2.8.4-234.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libwmf-0_2-7-32bit-0.2.8.4-234.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libwmf-0_2-7-debuginfo-32bit-0.2.8.4-234.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libwmf-gnome-32bit-0.2.8.4-234.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libwmf-gnome-debuginfo-32bit-0.2.8.4-234.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwmf-0_2-7 / libwmf-0_2-7-32bit / libwmf-0_2-7-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:25:14", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2015:1917 :\n\nUpdated libwmf packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nlibwmf is a library for reading and converting Windows Metafile Format (WMF) vector graphics. libwmf is used by applications such as GIMP and ImageMagick.\n\nIt was discovered that libwmf did not correctly process certain WMF (Windows Metafiles) with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the application. (CVE-2015-0848, CVE-2015-4588)\n\nIt was discovered that libwmf did not properly process certain WMF files. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly exploit this flaw to cause a crash or execute arbitrary code with the privileges of the user running the application. (CVE-2015-4696)\n\nIt was discovered that libwmf did not properly process certain WMF files. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly exploit this flaw to cause a crash. (CVE-2015-4695)\n\nAll users of libwmf are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, all applications using libwmf must be restarted for the update to take effect.", "modified": "2018-07-24T00:00:00", "id": "ORACLELINUX_ELSA-2015-1917.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86487", "published": "2015-10-21T00:00:00", "title": "Oracle Linux 6 / 7 : libwmf (ELSA-2015-1917)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1917 and \n# Oracle Linux Security Advisory ELSA-2015-1917 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86487);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/24 18:56:12\");\n\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_xref(name:\"RHSA\", value:\"2015:1917\");\n\n script_name(english:\"Oracle Linux 6 / 7 : libwmf (ELSA-2015-1917)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1917 :\n\nUpdated libwmf packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nlibwmf is a library for reading and converting Windows Metafile Format\n(WMF) vector graphics. libwmf is used by applications such as GIMP and\nImageMagick.\n\nIt was discovered that libwmf did not correctly process certain WMF\n(Windows Metafiles) with embedded BMP images. By tricking a victim\ninto opening a specially crafted WMF file in an application using\nlibwmf, a remote attacker could possibly use this flaw to execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2015-0848, CVE-2015-4588)\n\nIt was discovered that libwmf did not properly process certain WMF\nfiles. By tricking a victim into opening a specially crafted WMF file\nin an application using libwmf, a remote attacker could possibly\nexploit this flaw to cause a crash or execute arbitrary code with the\nprivileges of the user running the application. (CVE-2015-4696)\n\nIt was discovered that libwmf did not properly process certain WMF\nfiles. By tricking a victim into opening a specially crafted WMF file\nin an application using libwmf, a remote attacker could possibly\nexploit this flaw to cause a crash. (CVE-2015-4695)\n\nAll users of libwmf are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling the update, all applications using libwmf must be restarted\nfor the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-October/005461.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-October/005462.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwmf packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwmf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwmf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwmf-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"libwmf-0.2.8.4-25.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libwmf-devel-0.2.8.4-25.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libwmf-lite-0.2.8.4-25.el6_7\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libwmf-0.2.8.4-41.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libwmf-devel-0.2.8.4-41.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libwmf-lite-0.2.8.4-41.el7_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwmf / libwmf-devel / libwmf-lite\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:25:01", "bulletinFamily": "scanner", "description": "libwmf was updated to fix five security issues.\n\nThese security issues were fixed :\n\n - CVE-2009-1364: Fixed realloc return value usage (bsc#495842, bnc#831299)\n\n - CVE-2015-0848: Heap overflow on libwmf0.2-7 (bsc#933109)\n\n - CVE-2015-4588: DecodeImage() did not check that the run-length 'count' fits into the total size of the image, which could lead to a heap-based buffer overflow (bsc#933109)\n\n - CVE-2015-4695: meta_pen_create heap buffer over read (bsc#936058)\n\n - CVE-2015-4696: Use after free (bsc#936062)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-29T00:00:00", "id": "SUSE_SU-2015-1484-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=85796", "published": "2015-09-04T00:00:00", "title": "SUSE SLED12 Security Update : libwmf (SUSE-SU-2015:1484-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1484-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85796);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/29 12:03:38\");\n\n script_cve_id(\"CVE-2009-1364\", \"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_bugtraq_id(34792, 74923, 75230, 75329, 75331);\n\n script_name(english:\"SUSE SLED12 Security Update : libwmf (SUSE-SU-2015:1484-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libwmf was updated to fix five security issues.\n\nThese security issues were fixed :\n\n - CVE-2009-1364: Fixed realloc return value usage\n (bsc#495842, bnc#831299)\n\n - CVE-2015-0848: Heap overflow on libwmf0.2-7 (bsc#933109)\n\n - CVE-2015-4588: DecodeImage() did not check that the\n run-length 'count' fits into the total size of the\n image, which could lead to a heap-based buffer overflow\n (bsc#933109)\n\n - CVE-2015-4695: meta_pen_create heap buffer over read\n (bsc#936058)\n\n - CVE-2015-4696: Use after free (bsc#936062)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=495842\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=831299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=933109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=936058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=936062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2009-1364/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0848/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4588/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4695/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4696/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151484-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?91f4dfcc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12 :\n\nzypper in -t patch SUSE-SLE-WE-12-2015-481=1\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2015-481=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-481=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwmf-0_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwmf-0_2-7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwmf-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libwmf-0_2-7-0.2.8.4-242.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libwmf-0_2-7-debuginfo-0.2.8.4-242.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libwmf-debugsource-0.2.8.4-242.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwmf\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:33:12", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201602-03 (libwmf: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in libwmf. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could possibly execute arbitrary code with the privileges of the process or cause Denial of Service.\n Workaround :\n\n There is no known work around at this time.", "modified": "2017-10-02T00:00:00", "id": "GENTOO_GLSA-201602-03.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=103586", "published": "2017-10-02T00:00:00", "title": "GLSA-201602-03 : libwmf: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201602-03.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103586);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/10/02 21:40:44 $\");\n\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_xref(name:\"GLSA\", value:\"201602-03\");\n\n script_name(english:\"GLSA-201602-03 : libwmf: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201602-03\n(libwmf: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in libwmf. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code with the\n privileges of the process or cause Denial of Service.\n \nWorkaround :\n\n There is no known work around at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201602-03\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libwmf users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/libwmf-0.2.8.4-r6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libwmf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-libs/libwmf\", unaffected:make_list(\"ge 0.2.8.4-r6\"), vulnerable:make_list(\"lt 0.2.8.4-r6\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwmf\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:47:30", "bulletinFamily": "scanner", "description": "libwmf was updated to fix four security issues.\n\nThese security issues were fixed :\n\n - CVE-2015-4588: Heap overflow (bnc#933109).\n\n - CVE-2015-4696: Use after free (bnc#936062).\n\n - CVE-2015-4695: Heap buffer over read (bnc#936058).\n\n - CVE-2015-0848: Heap overflow (bnc#933109).", "modified": "2015-07-13T00:00:00", "published": "2015-07-10T00:00:00", "id": "OPENSUSE-2015-477.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84656", "title": "openSUSE Security Update : libwmf (openSUSE-2015-477)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-477.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84656);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2015/07/13 14:01:12 $\");\n\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n\n script_name(english:\"openSUSE Security Update : libwmf (openSUSE-2015-477)\");\n script_summary(english:\"Check for the openSUSE-2015-477 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libwmf was updated to fix four security issues.\n\nThese security issues were fixed :\n\n - CVE-2015-4588: Heap overflow (bnc#933109).\n\n - CVE-2015-4696: Use after free (bnc#936062).\n\n - CVE-2015-4695: Heap buffer over read (bnc#936058).\n\n - CVE-2015-0848: Heap overflow (bnc#933109).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=933109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=936058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=936062\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwmf packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-0_2-7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-0_2-7-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-0_2-7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-0_2-7-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-gnome-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-gnome-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-gnome-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwmf-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-0_2-7-0.2.8.4-234.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-0_2-7-debuginfo-0.2.8.4-234.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-debugsource-0.2.8.4-234.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-devel-0.2.8.4-234.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-gnome-0.2.8.4-234.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-gnome-debuginfo-0.2.8.4-234.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-tools-0.2.8.4-234.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libwmf-tools-debuginfo-0.2.8.4-234.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libwmf-0_2-7-32bit-0.2.8.4-234.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libwmf-0_2-7-debuginfo-32bit-0.2.8.4-234.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libwmf-gnome-32bit-0.2.8.4-234.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libwmf-gnome-debuginfo-32bit-0.2.8.4-234.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-0_2-7-0.2.8.4-239.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-0_2-7-debuginfo-0.2.8.4-239.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-debugsource-0.2.8.4-239.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-devel-0.2.8.4-239.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-gnome-0.2.8.4-239.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-gnome-debuginfo-0.2.8.4-239.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-tools-0.2.8.4-239.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwmf-tools-debuginfo-0.2.8.4-239.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libwmf-0_2-7-32bit-0.2.8.4-239.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libwmf-0_2-7-debuginfo-32bit-0.2.8.4-239.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libwmf-gnome-32bit-0.2.8.4-239.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libwmf-gnome-debuginfo-32bit-0.2.8.4-239.7.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwmf-0_2-7 / libwmf-0_2-7-32bit / libwmf-0_2-7-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:25:14", "bulletinFamily": "scanner", "description": "Updated libwmf packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nlibwmf is a library for reading and converting Windows Metafile Format (WMF) vector graphics. libwmf is used by applications such as GIMP and ImageMagick.\n\nIt was discovered that libwmf did not correctly process certain WMF (Windows Metafiles) with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the application. (CVE-2015-0848, CVE-2015-4588)\n\nIt was discovered that libwmf did not properly process certain WMF files. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly exploit this flaw to cause a crash or execute arbitrary code with the privileges of the user running the application. (CVE-2015-4696)\n\nIt was discovered that libwmf did not properly process certain WMF files. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly exploit this flaw to cause a crash. (CVE-2015-4695)\n\nAll users of libwmf are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, all applications using libwmf must be restarted for the update to take effect.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2015-1917.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86488", "published": "2015-10-21T00:00:00", "title": "RHEL 6 / 7 : libwmf (RHSA-2015:1917)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1917. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86488);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/11/10 11:49:54\");\n\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_xref(name:\"RHSA\", value:\"2015:1917\");\n\n script_name(english:\"RHEL 6 / 7 : libwmf (RHSA-2015:1917)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libwmf packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nlibwmf is a library for reading and converting Windows Metafile Format\n(WMF) vector graphics. libwmf is used by applications such as GIMP and\nImageMagick.\n\nIt was discovered that libwmf did not correctly process certain WMF\n(Windows Metafiles) with embedded BMP images. By tricking a victim\ninto opening a specially crafted WMF file in an application using\nlibwmf, a remote attacker could possibly use this flaw to execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2015-0848, CVE-2015-4588)\n\nIt was discovered that libwmf did not properly process certain WMF\nfiles. By tricking a victim into opening a specially crafted WMF file\nin an application using libwmf, a remote attacker could possibly\nexploit this flaw to cause a crash or execute arbitrary code with the\nprivileges of the user running the application. (CVE-2015-4696)\n\nIt was discovered that libwmf did not properly process certain WMF\nfiles. By tricking a victim into opening a specially crafted WMF file\nin an application using libwmf, a remote attacker could possibly\nexploit this flaw to cause a crash. (CVE-2015-4695)\n\nAll users of libwmf are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling the update, all applications using libwmf must be restarted\nfor the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-4588\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-4695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-4696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0848\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwmf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwmf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwmf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwmf-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1917\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"libwmf-0.2.8.4-25.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libwmf-debuginfo-0.2.8.4-25.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libwmf-devel-0.2.8.4-25.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libwmf-lite-0.2.8.4-25.el6_7\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", reference:\"libwmf-0.2.8.4-41.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libwmf-debuginfo-0.2.8.4-41.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libwmf-devel-0.2.8.4-41.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libwmf-lite-0.2.8.4-41.el7_1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwmf / libwmf-debuginfo / libwmf-devel / libwmf-lite\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:30", "bulletinFamily": "scanner", "description": "Fernando Munoz and Stefan Cornelius discovered that libwmf incorrectly handled certain malformed images. If a user or automated system were tricked into opening a crafted image file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-2670-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84635", "published": "2015-07-09T00:00:00", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : libwmf vulnerabilities (USN-2670-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2670-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84635);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\");\n script_bugtraq_id(74923, 75230, 75329, 75331);\n script_xref(name:\"USN\", value:\"2670-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : libwmf vulnerabilities (USN-2670-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fernando Munoz and Stefan Cornelius discovered that libwmf\nincorrectly handled certain malformed images. If a user or automated\nsystem were tricked into opening a crafted image file, an attacker\ncould cause a denial of service or execute arbitrary code with\nprivileges of the user invoking the program.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2670-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwmf0.2-7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwmf0.2-7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.04|14\\.04|14\\.10|15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 14.10 / 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libwmf0.2-7\", pkgver:\"0.2.8.4-10ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libwmf0.2-7\", pkgver:\"0.2.8.4-10.3ubuntu1.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"libwmf0.2-7\", pkgver:\"0.2.8.4-10.3ubuntu1.14.10.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libwmf0.2-7\", pkgver:\"0.2.8.4-10.3ubuntu1.15.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwmf0.2-7\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:18", "bulletinFamily": "unix", "description": "### Background\n\nlibwmf is a library for converting WMF files.\n\n### Description\n\nMultiple vulnerabilities have been discovered in libwmf. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process or cause Denial of Service. \n\n### Workaround\n\nThere is no known work around at this time.\n\n### Resolution\n\nAll libwmf users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/libwmf-0.2.8.4-r6\"", "modified": "2016-02-27T00:00:00", "published": "2016-02-27T00:00:00", "id": "GLSA-201602-03", "href": "https://security.gentoo.org/glsa/201602-03", "type": "gentoo", "title": "libwmf: Multiple vulnerabilities", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-05-29T14:34:48", "bulletinFamily": "unix", "description": "libwmf is a library for reading and converting Windows Metafile Format\n(WMF) vector graphics. libwmf is used by applications such as GIMP and\nImageMagick.\n\nIt was discovered that libwmf did not correctly process certain WMF\n(Windows Metafiles) with embedded BMP images. By tricking a victim into\nopening a specially crafted WMF file in an application using libwmf, a\nremote attacker could possibly use this flaw to execute arbitrary code with\nthe privileges of the user running the application. (CVE-2015-0848,\nCVE-2015-4588)\n\nIt was discovered that libwmf did not properly process certain WMF files.\nBy tricking a victim into opening a specially crafted WMF file in an\napplication using libwmf, a remote attacker could possibly exploit this\nflaw to cause a crash or execute arbitrary code with the privileges of the\nuser running the application. (CVE-2015-4696)\n\nIt was discovered that libwmf did not properly process certain WMF files.\nBy tricking a victim into opening a specially crafted WMF file in an\napplication using libwmf, a remote attacker could possibly exploit this\nflaw to cause a crash. (CVE-2015-4695)\n\nAll users of libwmf are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdate, all applications using libwmf must be restarted for the update to\ntake effect.\n", "modified": "2018-06-06T20:24:13", "published": "2015-10-20T04:00:00", "id": "RHSA-2015:1917", "href": "https://access.redhat.com/errata/RHSA-2015:1917", "type": "redhat", "title": "(RHSA-2015:1917) Important: libwmf security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:01", "bulletinFamily": "software", "description": "Multiple memory corruptions.", "modified": "2015-07-14T00:00:00", "published": "2015-07-14T00:00:00", "id": "SECURITYVULNS:VULN:14583", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14583", "title": "libwmf multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:00", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2670-1\r\nJuly 08, 2015\r\n\r\nlibwmf vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 15.04\r\n- Ubuntu 14.10\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nlibwmf could be made to crash or run programs as your login if it opened a\r\nspecially crafted file.\r\n\r\nSoftware Description:\r\n- libwmf: Windows metafile conversion tools\r\n\r\nDetails:\r\n\r\nFernando Munoz and Stefan Cornelius discovered that libwmf incorrectly\r\nhandled certain malformed images. If a user or automated system were\r\ntricked into opening a crafted image file, an attacker could cause a denial\r\nof service or execute arbitrary code with privileges of the user invoking\r\nthe program.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 15.04:\r\n libwmf0.2-7 0.2.8.4-10.3ubuntu1.15.04.1\r\n\r\nUbuntu 14.10:\r\n libwmf0.2-7 0.2.8.4-10.3ubuntu1.14.10.1\r\n\r\nUbuntu 14.04 LTS:\r\n libwmf0.2-7 0.2.8.4-10.3ubuntu1.14.04.1\r\n\r\nUbuntu 12.04 LTS:\r\n libwmf0.2-7 0.2.8.4-10ubuntu1.1\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2670-1\r\n CVE-2015-0848, CVE-2015-4588, CVE-2015-4695, CVE-2015-4695,\r\n CVE-2015-4696\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/libwmf/0.2.8.4-10.3ubuntu1.15.04.1\r\n https://launchpad.net/ubuntu/+source/libwmf/0.2.8.4-10.3ubuntu1.14.10.1\r\n https://launchpad.net/ubuntu/+source/libwmf/0.2.8.4-10.3ubuntu1.14.04.1\r\n https://launchpad.net/ubuntu/+source/libwmf/0.2.8.4-10ubuntu1.1\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "modified": "2015-07-14T00:00:00", "published": "2015-07-14T00:00:00", "id": "SECURITYVULNS:DOC:32317", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32317", "title": "[USN-2670-1] libwmf vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:20", "bulletinFamily": "unix", "description": "[0.2.8.4-25]\n- Resolves: rhbz#1227428 - CVE-2015-0848 CVE-2015-4588 CVE-2015-4695 CVE-2015-4696\n[0.2.8.4-24]\n- Resolves: rhbz#1227429 CVE-2015-0848 libwmf: heap overflow when decoding BMP images", "modified": "2015-10-20T00:00:00", "published": "2015-10-20T00:00:00", "id": "ELSA-2015-1917", "href": "http://linux.oracle.com/errata/ELSA-2015-1917.html", "title": "libwmf security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-05-29T18:34:24", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2015:1917\n\n\nlibwmf is a library for reading and converting Windows Metafile Format\n(WMF) vector graphics. libwmf is used by applications such as GIMP and\nImageMagick.\n\nIt was discovered that libwmf did not correctly process certain WMF\n(Windows Metafiles) with embedded BMP images. By tricking a victim into\nopening a specially crafted WMF file in an application using libwmf, a\nremote attacker could possibly use this flaw to execute arbitrary code with\nthe privileges of the user running the application. (CVE-2015-0848,\nCVE-2015-4588)\n\nIt was discovered that libwmf did not properly process certain WMF files.\nBy tricking a victim into opening a specially crafted WMF file in an\napplication using libwmf, a remote attacker could possibly exploit this\nflaw to cause a crash or execute arbitrary code with the privileges of the\nuser running the application. (CVE-2015-4696)\n\nIt was discovered that libwmf did not properly process certain WMF files.\nBy tricking a victim into opening a specially crafted WMF file in an\napplication using libwmf, a remote attacker could possibly exploit this\nflaw to cause a crash. (CVE-2015-4695)\n\nAll users of libwmf are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdate, all applications using libwmf must be restarted for the update to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-October/021434.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-October/021435.html\n\n**Affected packages:**\nlibwmf\nlibwmf-devel\nlibwmf-lite\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1917.html", "modified": "2015-10-20T19:06:55", "published": "2015-10-20T17:05:25", "href": "http://lists.centos.org/pipermail/centos-announce/2015-October/021434.html", "id": "CESA-2015:1917", "title": "libwmf security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2019-05-29T17:22:55", "bulletinFamily": "unix", "description": "Fernando Mu\u00f1oz and Stefan Cornelius discovered that libwmf incorrectly handled certain malformed images. If a user or automated system were tricked into opening a crafted image file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.", "modified": "2015-07-08T00:00:00", "published": "2015-07-08T00:00:00", "id": "USN-2670-1", "href": "https://usn.ubuntu.com/2670-1/", "title": "libwmf vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2019-05-29T17:22:24", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nIt was discovered that libwmf did not correctly process certain WMF (Windows Metafiles) with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the application. ([CVE-2015-0848 __](<https://access.redhat.com/security/cve/CVE-2015-0848>), [CVE-2015-4588 __](<https://access.redhat.com/security/cve/CVE-2015-4588>))\n\nIt was discovered that libwmf did not properly process certain WMF files. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly exploit this flaw to cause a crash or execute arbitrary code with the privileges of the user running the application. ([CVE-2015-4696 __](<https://access.redhat.com/security/cve/CVE-2015-4696>))\n\nIt was discovered that libwmf did not properly process certain WMF files. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly exploit this flaw to cause a crash. ([CVE-2015-4695 __](<https://access.redhat.com/security/cve/CVE-2015-4695>))\n\nThe gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng. ([CVE-2007-2756 __](<https://access.redhat.com/security/cve/CVE-2007-2756>))\n\nBuffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. ([CVE-2007-0455 __](<https://access.redhat.com/security/cve/CVE-2007-0455>))\n\nThe _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than [CVE-2009-3293 __](<https://access.redhat.com/security/cve/CVE-2009-3293>). NOTE: some of these details are obtained from third party information. ([CVE-2009-3546 __](<https://access.redhat.com/security/cve/CVE-2009-3546>))\n\nInteger overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact. ([CVE-2007-3472 __](<https://access.redhat.com/security/cve/CVE-2007-3472>))\n\nThe gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure. ([CVE-2007-3473 __](<https://access.redhat.com/security/cve/CVE-2007-3473>))\n\n \n**Affected Packages:** \n\n\nlibwmf\n\n \n**Issue Correction:** \nRun _yum update libwmf_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n libwmf-debuginfo-0.2.8.4-41.11.amzn1.i686 \n libwmf-devel-0.2.8.4-41.11.amzn1.i686 \n libwmf-0.2.8.4-41.11.amzn1.i686 \n libwmf-lite-0.2.8.4-41.11.amzn1.i686 \n \n src: \n libwmf-0.2.8.4-41.11.amzn1.src \n \n x86_64: \n libwmf-lite-0.2.8.4-41.11.amzn1.x86_64 \n libwmf-devel-0.2.8.4-41.11.amzn1.x86_64 \n libwmf-debuginfo-0.2.8.4-41.11.amzn1.x86_64 \n libwmf-0.2.8.4-41.11.amzn1.x86_64 \n \n \n", "modified": "2015-10-27T14:16:00", "published": "2015-10-27T14:16:00", "id": "ALAS-2015-604", "href": "https://alas.aws.amazon.com/ALAS-2015-604.html", "title": "Important: libwmf", "type": "amazon", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:09", "bulletinFamily": "unix", "description": "\nMitre reports:\n\nMultiple buffer overflows in the gd graphics library (libgd) 2.0.21\n\t and earlier may allow remote attackers to execute arbitrary code via\n\t malformed image files that trigger the overflows due to improper\n\t calls to the gdMalloc function, a different set of vulnerabilities\n\t than CVE-2004-0990.\n\n\nBuffer overflow in the gdImageStringFTEx function in gdft.c in GD\n\t Graphics Library 2.0.33 and earlier allows remote attackers to cause\n\t a denial of service (application crash) and possibly execute\n\t arbitrary code via a crafted string with a JIS encoded font.\n\n\nThe gdPngReadData function in libgd 2.0.34 allows user-assisted\n\t attackers to cause a denial of service (CPU consumption) via a\n\t crafted PNG image with truncated data, which causes an infinite loop\n\t in the png_read_info function in libpng.\n\n\nInteger overflow in gdImageCreateTrueColor function in the GD\n\t Graphics Library (libgd) before 2.0.35 allows user-assisted remote\n\t attackers to have unspecified attack vectors and impact.\n\n\nThe gdImageCreateXbm function in the GD Graphics Library (libgd)\n\t before 2.0.35 allows user-assisted remote attackers to cause a\n\t denial of service (crash) via unspecified vectors involving a\n\t gdImageCreate failure.\n\n\nThe (a) imagearc and (b) imagefilledarc functions in GD Graphics\n\t Library (libgd) before 2.0.35 allow attackers to cause a denial of\n\t service (CPU consumption) via a large (1) start or (2) end angle\n\t degree value.\n\n\nThe _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before\n\t 5.3.1, and the GD Graphics Library 2.x, does not properly verify a\n\t certain colorsTotal structure member, which might allow remote\n\t attackers to conduct buffer overflow or buffer over-read attacks via\n\t a crafted GD file, a different vulnerability than CVE-2009-3293.\n\t NOTE: some of these details are obtained from third party\n\t information.\n\n\nHeap-based buffer overflow in libwmf 0.2.8.4 allows remote\n\t attackers to cause a denial of service (crash) or possibly execute\n\t arbitrary code via a crafted BMP image.\n\n\nmeta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial\n\t of service (out-of-bounds read) via a crafted WMF file.\n\n\nUse-after-free vulnerability in libwmf 0.2.8.4 allows remote\n\t attackers to cause a denial of service (crash) via a crafted WMF\n\t file to the (1) wmf2gd or (2) wmf2eps command.\n\n\nHeap-based buffer overflow in the DecodeImage function in libwmf\n\t 0.2.8.4 allows remote attackers to cause a denial of service (crash)\n\t or possibly execute arbitrary code via a crafted \"run-length count\"\n\t in an image in a WMF file.\n\n", "modified": "2004-10-12T00:00:00", "published": "2004-10-12T00:00:00", "id": "CA139C7F-2A8C-11E5-A4A5-002590263BF5", "href": "https://vuxml.freebsd.org/freebsd/ca139c7f-2a8c-11e5-a4a5-002590263bf5.html", "title": "libwmf -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2019-05-30T07:36:39", "bulletinFamily": "unix", "description": "New libwmf packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\n14.2, and -current to fix security issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/libwmf-0.2.8.4-i586-7_slack14.1.txz: Rebuilt.\n Patched denial of service and possible execution of arbitrary code\n security issues.\n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0941\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3473\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3477\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0848\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4588\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4695\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4696\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9011\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the &quot;Get Slack&quot; section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/libwmf-0.2.8.4-i486-5_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/libwmf-0.2.8.4-x86_64-5_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/libwmf-0.2.8.4-i486-6_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/libwmf-0.2.8.4-x86_64-6_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/libwmf-0.2.8.4-i486-6_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/libwmf-0.2.8.4-x86_64-6_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libwmf-0.2.8.4-i486-6_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libwmf-0.2.8.4-x86_64-6_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/libwmf-0.2.8.4-i486-6_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/libwmf-0.2.8.4-x86_64-6_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/libwmf-0.2.8.4-i586-7_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/libwmf-0.2.8.4-x86_64-7_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libwmf-0.2.8.4-i586-8.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libwmf-0.2.8.4-x86_64-8.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 package:\n6d0143e7e105188714f767aea522f4cb libwmf-0.2.8.4-i486-5_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n3f47383d824d93c4518f8fc738c0c820 libwmf-0.2.8.4-x86_64-5_slack13.0.txz\n\nSlackware 13.1 package:\n871f2ed8d5b43a139607a4d6f959ff93 libwmf-0.2.8.4-i486-6_slack13.1.txz\n\nSlackware x86_64 13.1 package:\na8cff7e3b53153589eab0a0bab9209de libwmf-0.2.8.4-x86_64-6_slack13.1.txz\n\nSlackware 13.37 package:\n5db38178040f541080caf9776256331d libwmf-0.2.8.4-i486-6_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n5d308a63d03d940622ec21d870b01cde libwmf-0.2.8.4-x86_64-6_slack13.37.txz\n\nSlackware 14.0 package:\nc806e42bd0498db0f3b70957c7c3a401 libwmf-0.2.8.4-i486-6_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n376835bf78178bb15bb3c56cee454eb4 libwmf-0.2.8.4-x86_64-6_slack14.0.txz\n\nSlackware 14.1 package:\n8a30446ddb36004db6d5ce10728807af libwmf-0.2.8.4-i486-6_slack14.1.txz\n\nSlackware x86_64 14.1 package:\nceb7fa835645c9d55c3ad5eac9eab754 libwmf-0.2.8.4-x86_64-6_slack14.1.txz\n\nSlackware 14.2 package:\n4d98c4cad02f173e00570dccccba226a libwmf-0.2.8.4-i586-7_slack14.1.txz\n\nSlackware x86_64 14.2 package:\n0750711520b0cf4ff5a9a6e363815702 libwmf-0.2.8.4-x86_64-7_slack14.1.txz\n\nSlackware -current package:\nac7070e538cf1d1bb08b68cf7883de6d l/libwmf-0.2.8.4-i586-8.txz\n\nSlackware x86_64 -current package:\n5a60b94c51180b5a2d53dba2fe430379 l/libwmf-0.2.8.4-x86_64-8.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg libwmf-0.2.8.4-i586-7_slack14.1.txz", "modified": "2018-04-30T18:19:49", "published": "2018-04-30T18:19:49", "id": "SSA-2018-120-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.620340", "title": "libwmf", "type": "slackware", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "kitploit": [{"lastseen": "2019-06-26T03:26:23", "bulletinFamily": "tools", "description": "[  ](<https://4.bp.blogspot.com/-Uf2o3nvS9iI/V-iDG8z9gdI/AAAAAAAAGNQ/lMp_2XaKabgLXdkrp0YBjUx8yOnf0IZzwCLcB/s1600/archlinux-logo-dark.png>)\n\n \nAn utility like pkg-audit for Arch Linux. Based on Arch CVE Monitoring Team data \n \nUses data collected by the awesome [ Arch CVE Monitoring Team ](<https://wiki.archlinux.org/index.php/Arch_CVE_Monitoring_Team>) . \n \n** Installation ** \n \n** From AUR ** \nThe PKGBUILD is available [ on AUR ](<https://aur.archlinux.org/packages/arch-audit>) . \nAfter the installation just execute ` arch-audit ` . \n \n** From sources ** \n\n \n \n git clone https://github.com/ilpianista/arch-audit\n cd arch-audit\n cargo build\n cargo run\n\n \n** Example output ** \n\n \n \n $ arch-audit\n Package libwmf is affected by [\"CVE-2009-1364\", \"CVE-2006-3376\", \"CVE-2007-0455\", \"CVE-2007-2756\", \"CVE-2007-3472\", \"CVE-2007-3473\", \"CVE-2007-3477\", \"CVE-2009-3546\", \"CVE-2015-0848\", \"CVE-2015-4588\", \"CVE-2015-4695\", \"CVE-2015-4696\"]. VULNERABLE!\n Package libtiff is affected by [\"CVE-2016-5875\", \"CVE-2016-5314\", \"CVE-2016-5315\", \"CVE-2016-5316\", \"CVE-2016-5317\", \"CVE-2016-5320\", \"CVE-2016-5321\", \"CVE-2016-5322\", \"CVE-2016-5323\", \"CVE-2016-5102\", \"CVE-2016-3991\", \"CVE-2016-3990\", \"CVE-2016-3945\", \"CVE-2016-3658\", \"CVE-2016-3634\", \"CVE-2016-3633\", \"CVE-2016-3632\", \"CVE-2016-3631\", \"CVE-2016-3625\", \"CVE-2016-3624\", \"CVE-2016-3623\", \"CVE-2016-3622\", \"CVE-2016-3621\", \"CVE-2016-3620\", \"CVE-2016-3619\", \"CVE-2016-3186\", \"CVE-2015-8668\", \"CVE-2015-7313\", \"CVE-2014-8130\", \"CVE-2014-8127\", \"CVE-2010-2596\", \"CVE-2016-6223\"]. VULNERABLE!\n Package libtiff is affected by [\"CVE-2015-7554\", \"CVE-2015-8683\"]. VULNERABLE!\n Package jasper is affected by [\"CVE-2015-8751\"]. VULNERABLE!\n Package jasper is affected by [\"CVE-2015-5221\"]. VULNERABLE!\n Package jasper is affected by [\"CVE-2015-5203\"]. VULNERABLE!\n Package lib32-openssl is affected by [\"CVE-2016-2177\", \"CVE-2016-2178\", \"CVE-2016-2179\", \"CVE-2016-2180\", \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-2183\", \"CVE-2016-6302\", \"CVE-2016-6303\", \"CVE-2016-6304\", \"CVE-2016-6306\"]. Update to 1:1.0.2.i-1!\n Package wireshark-cli is affected by [\"CVE-2016-7180\", \"CVE-2016-7175\", \"CVE-2016-7176\", \"CVE-2016-7177\", \"CVE-2016-7178\", \"CVE-2016-7179\"]. Update to 2.2.0-1!\n Package wpa_supplicant is affected by [\"CVE-2016-4477\", \"CVE-2016-4476\"]. VULNERABLE!\n Package openssl is affected by [\"CVE-2016-2177\", \"CVE-2016-2178\", \"CVE-2016-2179\", \"CVE-2016-2180\", \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-2183\", \"CVE-2016-6302\", \"CVE-2016-6303\", \"CVE-2016-6304\", \"CVE-2016-6306\"]. Update to 1.0.2.i-1!\n Package crypto++ is affected by [\"CVE-2016-7420\"]. VULNERABLE!\n Package bzip2 is affected by [\"CVE-2016-3189\"]. VULNERABLE!\n Package libimobiledevice is affected by [\"CVE-2016-5104\"]. VULNERABLE!\n Package libusbmuxd is affected by [\"CVE-2016-5104\"]. VULNERABLE!\n Package gdk-pixbuf2 is affected by [\"CVE-2016-6352\"]. VULNERABLE!\n \n $ arch-audit --upgradable --quiet\n wireshark-cli>=2.2.0-1\n openssl>=1.0.2.i-1\n lib32-openssl>=1:1.0.2.i-1\n \n $ arch-audit -uf \"%n|%c\"\n openssl|CVE-2016-2177,CVE-2016-2178,CVE-2016-2179,CVE-2016-2180,CVE-2016-2181,CVE-2016-2182,CVE-2016-2183,CVE-2016-6302,CVE-2016-6303,CVE-2016-6304,CVE-2016-6306\n wireshark-cli|CVE-2016-7180,CVE-2016-7175,CVE-2016-7176,CVE-2016-7177,CVE-2016-7178,CVE-2016-7179\n lib32-openssl|CVE-2016-2177,CVE-2016-2178,CVE-2016-2179,CVE-2016-2180,CVE-2016-2181,CVE-2016-2182,CVE-2016-2183,CVE-2016-6302,CVE-2016-6303,CVE-2016-6304,CVE-2016-6306\n\n \n \n\n\n** [ Download arch-audit ](<https://github.com/ilpianista/arch-audit>) **\n", "modified": "2016-10-15T14:30:02", "published": "2016-10-15T14:30:02", "id": "KITPLOIT:2973941148692546578", "href": "http://www.kitploit.com/2016/10/arch-audit-utility-like-pkg-audit-for.html", "title": "arch-audit - An utility like pkg-audit for Arch Linux", "type": "kitploit", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}