CVE-2006-3376

Properties

Published: 05.07.2006
Updated: 21.08.2010
Patch available:
Severity: High
CVSS vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Product: wvware: wv2

Vulnerability description

Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick, allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.

References:

BID: http://www.securityfocus.com/bid/18751
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/438803/100/0/threaded
VUPEN: http://www.frsirt.com/english/advisories/2006/2646
SECUNIA: http://secunia.com/advisories/20921
OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10262
XF: http://xforce.iss.net/xforce/xfdb/27516
UBUNTU: http://www.ubuntu.com/usn/usn-333-1
SUSE: http://www.novell.com/linux/security/advisories/2006_19_sr.html
MANDRIVA: http://www.mandriva.com/security/advisories?name=MDKSA-2006:132
SECTRACK: http://securitytracker.com/id?1016518
SREASON: http://securityreason.com/securityalert/1190
GENTOO: http://security.gentoo.org/glsa/glsa-200608-17.xml
SECUNIA: http://secunia.com/advisories/22311
SECUNIA: http://secunia.com/advisories/21473
SECUNIA: http://secunia.com/advisories/21459
SECUNIA: http://secunia.com/advisories/21419
SECUNIA: http://secunia.com/advisories/21261
SECUNIA: http://secunia.com/advisories/21064
REDHAT: http://rhn.redhat.com/errata/RHSA-2006-0597.html
DEBIAN: http://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00289.html
MANDRIVA: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:132