MiracleLinux 7 : libwmf-0.2.8.4-41.el7 (AXSA:2015-512:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-512:01 advisory. A library for reading and converting Windows MetaFile vector graphics WMF. Security issues fixed with this release: CVE-2015-0848 Heap-based buffer...

libwmf Denial of Service Vulnerability

libwmf is a library of functions for reading and converting WMF vector graphics. A denial of service vulnerability exists in libwmf 0.2.8.4, which allows remote attackers to cause a denial of service via a crafted "WMF" file...

libwmf Memory Misreference Vulnerability

libwmf is a library of functions for reading and converting WMF vector graphics. A memory misreference vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service via a crafted "WMF" file to the wmf2gd or wmf2eps command...

DEBIAN-CVE-2015-4695

meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WMF file...

DEBIAN-CVE-2015-4588

Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file...

DEBIAN-CVE-2015-0848

Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted BMP image...

PT-2015-6672 · Linux +5 · Libwmf +5

Name of the Vulnerable Software and Affected Versions: libwmf version 0.2.8.4 Description: The issue allows remote attackers to cause a denial of service, specifically an out-of-bounds read, by using a crafted WMF file. Recommendations: For libwmf version 0.2.8.4, update to a newer version that...

PT-2015-6673 · Sourceforge +5 · Libwmf +5

Name of the Vulnerable Software and Affected Versions: libwmf version 0.2.8.4 Description: The issue is related to a use-after-free vulnerability that can be triggered by remote attackers using a crafted WMF file. This can cause a denial of service, leading to a crash, specifically when the file ...

PT-2015-4915 · Linux +5 · Libwmf +5

Name of the Vulnerable Software and Affected Versions: libwmf version 0.2.8.4 Description: A heap-based buffer overflow issue allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP image. Recommendations: For libwmf version 0.2.8.4, consider...

PT-2015-6631 · Sourceforge +5 · Libwmf +5

Name of the Vulnerable Software and Affected Versions: libwmf version 0.2.8.4 Description: The issue is related to a heap-based buffer overflow in the DecodeImage function, which can be triggered by a crafted "run-length count" in an image in a WMF file. This can cause a denial of service crash o...

PT-2009-1069 · Gd +3 · Gd Library +4

Name of the Vulnerable Software and Affected Versions: libwmf versions 0.2.8.3 through 0.2.8.4 libwmf-devel versions 0.2.8.3 through 0.2.8.4 Description: The issue is related to a use-after-free vulnerability in the embedded GD library in libwmf, which allows context-dependent attackers to cause ...