6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.034 Low
EPSS
Percentile
91.4%
Package : libwmf
Version : 0.2.8.4-6.2+deb6u1
CVE ID : CVE-2015-0848 CVE-2015-4588
Debian Bug : #787644
The following vulnerabilities were discovered in the Windows Metafile
conversion library when reading BMP images embedded into WMF files:
CVE-2015-0848
A heap overflow when decoding embedded BMP images that don't use 8 bits per
pixel.
CVE-2015-4588
A missing check in the RLE decoding of embedded BMP images.
We recommend that you update your libwmf packages.
Attachment:
signature.asc
Description: Digital signature
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | armhf | libwmf-dev | < 0.2.8.4-10.3+deb7u1 | libwmf-dev_0.2.8.4-10.3+deb7u1_armhf.deb |
Debian | 7 | i386 | libwmf0.2-7 | < 0.2.8.4-10.3+deb7u1 | libwmf0.2-7_0.2.8.4-10.3+deb7u1_i386.deb |
Debian | 7 | all | libwmf | < 0.2.8.4-10.3+deb7u1 | libwmf_0.2.8.4-10.3+deb7u1_all.deb |
Debian | 8 | kfreebsd-i386 | libwmf0.2-7 | < 0.2.8.4-10.3+deb8u1 | libwmf0.2-7_0.2.8.4-10.3+deb8u1_kfreebsd-i386.deb |
Debian | 7 | mips | libwmf0.2-7 | < 0.2.8.4-10.3+deb7u1 | libwmf0.2-7_0.2.8.4-10.3+deb7u1_mips.deb |
Debian | 8 | mips | libwmf0.2-7 | < 0.2.8.4-10.3+deb8u1 | libwmf0.2-7_0.2.8.4-10.3+deb8u1_mips.deb |
Debian | 7 | powerpc | libwmf-bin | < 0.2.8.4-10.3+deb7u1 | libwmf-bin_0.2.8.4-10.3+deb7u1_powerpc.deb |
Debian | 7 | amd64 | libwmf-dev | < 0.2.8.4-10.3+deb7u1 | libwmf-dev_0.2.8.4-10.3+deb7u1_amd64.deb |
Debian | 7 | mipsel | libwmf0.2-7 | < 0.2.8.4-10.3+deb7u1 | libwmf0.2-7_0.2.8.4-10.3+deb7u1_mipsel.deb |
Debian | 7 | s390x | libwmf0.2-7 | < 0.2.8.4-10.3+deb7u1 | libwmf0.2-7_0.2.8.4-10.3+deb7u1_s390x.deb |