Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3376

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3376
Last Modified 07 Mar 2011 09:38:29
Published 06 Jul 2006 04:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3376

Summary

Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.

Vulnerable Systems

Application

  • Wvware Libwmf 0.2.8 .4

  • Wvware Wv2 0.2.1

  • Wvware Wv2 0.2.2

  • Wvware Wv2 0.2.3


References

VUPEN - ADV-2006-2646

BID - 18751

BUGTRAQ - 20060630 libwmf integer/heap overflow

SECUNIA - 20921

XF - libwmf-wmf-bo(27516)

UBUNTU - USN-333-1

SUSE - SUSE-SR:2006:019

MANDRIVA - MDKSA-2006:132

SECTRACK - 1016518

SREASON - 1190

GENTOO - GLSA-200608-17

SECUNIA - 22311

SECUNIA - 21473

SECUNIA - 21459

SECUNIA - 21419

SECUNIA - 21261

SECUNIA - 21064

REDHAT - RHSA-2006:0597

DEBIAN - DSA-1194


Last Updated: 27 May 2016 10:42:58