7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.19 Low
EPSS
Percentile
96.2%
Secunia reports:
infamous41md has reported a vulnerability in libwmf, which
potentially can be exploited by malicious people to compromise an
application using the vulnerable library.
The vulnerability is caused due to an integer overflow error when
allocating memory based on a value taken directly from a WMF file
without performing any checks. This can be exploited to cause a
heap-based buffer overflow when a specially crafted WMF file is
processed.