Computer Security
[EN] securityvulns.ru no-pyccku


libwmf multiple security vulnerabilities
Published:14.07.2015
Source:
SecurityVulns ID:14583
Type:library
Threat Level:
6/10
Description:Multiple memory corruptions.
Affected:LIBWMF : libwmf 0.2
CVE:CVE-2015-4696 (Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command.)
 CVE-2015-4695 (meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.)
 CVE-2015-4588 (Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.)
 CVE-2015-0848 (Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.)
Original documentdocumentUBUNTU, [USN-2670-1] libwmf vulnerabilities (14.07.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod