Tavis Ormandy discovered that libwmf incorrectly used memory after it had
been freed when using its embedded GD library. If a user or automated
system were tricked into opening a crafted WMF file, an attacker could
cause a denial of service or execute arbitrary code with privileges of the
user invoking the program.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 9.04 | noarch | libwmf0.2-7 | < 0.2.8.4-6ubuntu1.1 | UNKNOWN |
Ubuntu | 9.04 | noarch | libwmf-bin | < 0.2.8.4-6ubuntu1.1 | UNKNOWN |
Ubuntu | 9.04 | noarch | libwmf-dev | < 0.2.8.4-6ubuntu1.1 | UNKNOWN |
Ubuntu | 9.04 | noarch | libwmf0.2-7-gtk | < 0.2.8.4-6ubuntu1.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libwmf0.2-7 | < 0.2.8.4-6ubuntu0.8.10.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libwmf-bin | < 0.2.8.4-6ubuntu0.8.10.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libwmf-dev | < 0.2.8.4-6ubuntu0.8.10.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | libwmf0.2-7 | < 0.2.8.4-6ubuntu0.8.04.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | libwmf-bin | < 0.2.8.4-6ubuntu0.8.04.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | libwmf-dev | < 0.2.8.4-6ubuntu0.8.04.1 | UNKNOWN |