19 matches found
EUVD-2015-4714
Malware in sbrugna...
SUSE CVE-2016-9011
The wmfmalloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service application crash via a crafted wmf file, which triggers a memory allocation failure...
Huawei EulerOS: Security Advisory for libwmf (EulerOS-SA-2019-2623)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
The wmfmalloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service application crash via a crafted wmf file, which triggers a memory allocation failure...
UBUNTU-CVE-2016-9011
The wmfmalloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service application crash via a crafted wmf file, which triggers a memory allocation failure...
CVE-2016-9011
CVE-2016-9011 affects libwmf up to version 0.2.8.4, where the wmf_malloc function in api.c can fail memory allocation when processing a crafted WMF file. This can crash the targeted application (denial of service). The public description in the initial document specifies the vulnerability as a re...
SUSE-SU-2015:1378-1 Security update for libwmf
libwmf was updated to fix four security issues. These security issues were fixed: - CVE-2015-4588: Heap-based buffer overflow in the DecodeImage function allowed remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted 'run-length count' in an image in ...
libwmf Denial of Service Vulnerability
libwmf is a library of functions for reading and converting WMF vector graphics. A denial of service vulnerability exists in libwmf 0.2.8.4, which allows remote attackers to cause a denial of service via a crafted "WMF" file...
CVE-2015-4696
Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service crash via a crafted WMF file to the 1 wmf2gd or 2 wmf2eps command...
CVE-2015-4696
Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service crash via a crafted WMF file to the 1 wmf2gd or 2 wmf2eps command...
CVE-2015-4695
meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WMF file...
Out-of-bounds
meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WMF file...
CVE-2015-4695
meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WMF file...
CVE-2015-4696
Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service crash via a crafted WMF file to the 1 wmf2gd or 2 wmf2eps command...
Microsoft Windows WMF Handling Arbitrary Code Execution (CVE-2005-4560)
There exists a code execution vulnerability in Microsoft Windows. The vulnerability is created by unrestricted access to GDI functions through WMF files. An attacker can exploit this vulnerability to supply and execute arbitrary code through calling a specific GDI function via a crafted WMF file...
libwmf: embedded gd use-after-free error
Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted WMF file...
Microsoft Office 2003 - Denial of Service
Microsoft Office 2003 - Denial of Service source: https://www.securityfocus.com/bid/22716/info Microsoft Office is prone to a denial-of-service condition when the malformed WMF file is viewed in an Office application. Exploiting this issue allows remote attackers to crash applications, denying...
CVE-2006-4071
CVE-2006-4071 affects Microsoft Windows XP and Windows Server 2003 (gdi32.dll). Vulnerable component: createBrushIndirect in GDI; root cause: sign extension issue that allows a crafted WMF file to crash the application (user-assisted DoS). Impact: denial of service via crash. Exploitation details...
Integer overflow
An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service crash and possibly execute code via a crafted WMF file with a manipulated WMF...