Lucene search
K
WvwareLibwmf

6 matches found

CVE
CVE
added 2015/07/01 2:0 p.m.107 views

CVE-2015-4588

CVE-2015-4588 is a heap-based buffer overflow in the DecodeImage function of libwmf 0.2.8.4. It allows remote attackers to crash or possibly execute arbitrary code via a crafted WMF image (embedded BMP run-length). Public advisories (Debian DSA-3302-1, CentOS/CESA-2015:1917, Fedora updates, ALAS-...

6.8CVSS7.2AI score0.09221EPSS
CVE
CVE
added 2015/07/01 2:0 p.m.104 views

CVE-2015-4695

Summary (CVE-2015-4695) : libwmf 0.2.8.4 contains a flaw in meta.h that allows a remote attacker to trigger an out-of-bounds read via a crafted WMF file, potentially crashing the application or enabling arbitrary code execution. Impact and exploit details are consistently described across multipl...

5CVSS5.8AI score0.06637EPSS
CVE
CVE
added 2015/07/01 2:0 p.m.102 views

CVE-2015-0848

CVE-2015-0848 affects libwmf (0.2.8.4). A heap-based buffer overflow occurs when processing WMF files with embedded BMP images, enabling remote attackers to crash or possibly execute arbitrary code. Public advisories/updates across distributions fix libwmf to newer releases (e.g., 0.2.8.4-14 and ...

6.8CVSS7.3AI score0.08543EPSS
CVE
CVE
added 2015/07/01 2:0 p.m.97 views

CVE-2015-4696

CVE-2015-4696 is a use-after-free/processing flaw in libwmf 0.2.8.4 that can be triggered by opening specially crafted WMF files and may crash the application or allow arbitrary code execution via wmf2gd or wmf2eps. Multiple advisories (CentOS/CentOS-ASA, Debian DSA-3302, Red Hat/ALAS-604, Fedora...

4.3CVSS5.9AI score0.05981EPSS
CVE
CVE
added 2006/07/06 8:0 p.m.81 views

CVE-2006-3376

CVE-2006-3376 is an integer overflow in libwmf 0.2.8.4 (and older) related to the MaxRecordSize header in WMF files that enables remote code execution or crash when processing crafted WMF data. Affected software range includes libwmf and its use in wv, abiword, freetype, gimp, libgsf, and imagema...

7.5CVSS7.1AI score0.07745EPSS
CVE
CVE
added 2017/03/23 6:0 p.m.73 views

CVE-2016-9011

CVE-2016-9011 affects libwmf up to version 0.2.8.4, where the wmf_malloc function in api.c can fail memory allocation when processing a crafted WMF file. This can crash the targeted application (denial of service). The public description in the initial document specifies the vulnerability as a re...

5.5CVSS5.2AI score0.02612EPSS