35 matches found
CVE-2022-37352
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
EUVD-2015-4715
Malware in sbrugna...
CVE-2022-37352
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2022-37352
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
PDF-XChange Editor WMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Denial Of Service
libwmf is a library for reading and converting Windows Metafile Format WMF vector graphics. libwmf is used by applications such as GIMP and ImageMagick. It was discovered that libwmf did not correctly process certain WMF Windows Metafiles with embedded BMP images. By tricking a victim into openin...
Time Travel Debugging: finding Windows GDI flaws
Introduction Microsoft Patches for October 2018 included a total of 49 security patches. There were many interesting ones including kernel privilege escalation as well as critical ones which could lead to remote code execution such as the MSXML one. In this post we will be analysing a case of a W...
PT-2017-9925 · Sourceforge +2 · Libwmf +2
Name of the Vulnerable Software and Affected Versions: libwmf version 0.2.8.4 Description: The issue allows remote attackers to cause a denial of service, resulting in an application crash, by utilizing a crafted wmf file. This triggers a memory allocation failure in the wmf malloc function...
Amazon Linux AMI : libwmf (ALAS-2015-604)
It was discovered that libwmf did not correctly process certain WMF Windows Metafiles with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileg...
MGASA-2015-0261 Updated libwmf package fixes security vulnerability
It was discovered that libwmf did not correctly process certain WMF Windows Metafiles containing BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges ...
SuSE 11 Security Update : libwmf (SAT Patch Number 822)
A specially crafted WMF files could crash libwmf. CVE-2009-1364 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc. include'deprecatednasllevel.inc';...
FreeBSD Ports: libwmf
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : openoffice.org, openoffice.org-amd64 vulnerabilities (USN-677-1)
Multiple memory overflow flaws were discovered in OpenOffice.org's handling of WMF and EMF files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges. CVE-2008-2237, CVE-2008-2238 Dmitry E. Oboukhov...
Ubuntu: Security Advisory (USN-406-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows kernel multiple security vulnerabilities
Multiple security vulnerabilities allow code execution via EMF/WMF files...
Fedora 8 : openoffice.org-2.3.0-6.17.fc8 (2008-9333)
A security release to address: - CVE-2008-2237: Manipulated WMF files - CVE-2008-2238: Manipulated EMF files as described at http://www.openoffice.org/security/bulletin.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
[Backports-security-announce] Security update for openoffice.org
Rene Engelhard uploaded new packages for openoffice.org which fixed the following security problems: Debian BTS 496361 left-over debugging echos writing into an insecure temp file can allow attackers to overwrite files on the system with the prvilieges of the user executing senddoc File - Send...
openoffice -- arbitrary code execution vulnerabilities
The OpenOffice Team reports: A security vulnerability with the way OpenOffice 2.x process WMF files may allow a remote unprivileged user who provides a StarOffice/StarSuite document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running...
Microsoft Windows GDI multiple security vulnerabilities
Multiple buffer overflows on EMF and WMF files parsing...
Debian Security Advisory DSA 954-1 (wine)
The remote host is missing an update to wine announced via advisory DSA 954-1. H D Moore that discovered that Wine, a free implemention of the Microsoft Windows APIs, inherits a design flaw from the Windows GDI API, which may lead to the execution of code through GDI escape functions in WMF files...