9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.27 Low
EPSS
Percentile
96.8%
Severity: Critical
Date : 2017-01-01
CVE-ID : CVE-2006-3376 CVE-2007-0455 CVE-2007-2756 CVE-2007-3472
CVE-2007-3473 CVE-2007-3477 CVE-2009-1364 CVE-2009-3546
CVE-2015-0848 CVE-2015-4588 CVE-2015-4695 CVE-2015-4696
CVE-2016-9011
Package : libwmf
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-16
The package libwmf before version 0.2.8.4-14 is vulnerable to multiple
issues including arbitrary code execution and denial of service.
Upgrade to 0.2.8.4-14.
The problems have been fixed upstream but no release is available yet.
None.
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple
products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5)
libgsf, and (6) imagemagick allows remote attackers to execute
arbitrary code via the MaxRecordSize header field in a WMF file.
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD
Graphics Library 2.0.33 and earlier allows remote attackers to cause a
denial of service (application crash) and possibly execute arbitrary
code via a crafted string with a JIS encoded font.
The gdPngReadData function in libgd 2.0.34 allows user-assisted
attackers to cause a denial of service (CPU consumption) via a crafted
PNG image with truncated data, which causes an infinite loop in the
png_read_info function in libpng.
Integer overflow in gdImageCreateTrueColor function in the GD Graphics
Library (libgd) before 2.0.35 allows user-assisted remote attackers to
have unspecified attack vectors and impact.
The gdImageCreateXbm function in the GD Graphics Library (libgd) before
2.0.35 allows user-assisted remote attackers to cause a denial of
service (crash) via unspecified vectors involving a gdImageCreate
failure.
The (a) imagearc and (b) imagefilledarc functions in GD Graphics
Library (libgd) before 2.0.35 allow attackers to cause a denial of
service (CPU consumption) via a large (1) start or (2) end angle degree
value.
Use-after-free vulnerability in the embedded GD library in libwmf
0.2.8.4 allows context-dependent attackers to cause a denial of service
(application crash) or possibly execute arbitrary code via a crafted
WMF file.
The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before
5.3.1, and the GD Graphics Library 2.x, does not properly verify a
certain colorsTotal structure member, which might allow remote
attackers to conduct buffer overflow or buffer over-read attacks via a
crafted GD file.
It was discovered that libwmf did not correctly process certain WMF
(Windows Metafiles) containing BMP images. By tricking a victim into
opening a specially crafted WMF file in an application using libwmf, a
remote attacker could possibly use this flaw to execute arbitrary code
with the privileges of the user running the application.
It was discovered that libwmf did not correctly process certain WMF
(Windows Metafiles) with embedded BMP images. By tricking a victim into
opening a specially crafted WMF file in an application using libwmf, a
remote attacker could possibly use this flaw to execute arbitrary code
with the privileges of the user running the application.
It was discovered that libwmf did not properly process certain WMF
files. By tricking a victim into opening a specially crafted WMF file
in an application using libwmf, a remote attacker could possibly
exploit this flaw to cause a crash or execute arbitrary code with the
privileges of the user running the application.
It was discovered that libwmf did not properly process certain WMF
files. By tricking a victim into opening a specially crafted WMF file
in an application using libwmf, a remote attacker could possibly
exploit this flaw to cause a crash or execute arbitrary code with the
privileges of the user running the application.
A memory allocation failure in function wmf_malloc in api.c was
reported in libwmf. Opening a maliciously crafted file could cause the
application to crash.
A remote attacker is able to use specially crafted files to crash the
application or execute arbitrary code on the affected host.
https://bugs.archlinux.org/task/49162
http://www.openwall.com/lists/oss-security/2015/06/16/4
https://blogs.gentoo.org/ago/2016/10/18/libwmf-memory-allocation-failure-in-wmf_malloc-api-c
https://security.archlinux.org/CVE-2006-3376
https://security.archlinux.org/CVE-2007-0455
https://security.archlinux.org/CVE-2007-2756
https://security.archlinux.org/CVE-2007-3472
https://security.archlinux.org/CVE-2007-3473
https://security.archlinux.org/CVE-2007-3477
https://security.archlinux.org/CVE-2009-1364
https://security.archlinux.org/CVE-2009-3546
https://security.archlinux.org/CVE-2015-0848
https://security.archlinux.org/CVE-2015-4588
https://security.archlinux.org/CVE-2015-4695
https://security.archlinux.org/CVE-2015-4696
https://security.archlinux.org/CVE-2016-9011
www.openwall.com/lists/oss-security/2015/06/16/4
blogs.gentoo.org/ago/2016/10/18/libwmf-memory-allocation-failure-in-wmf_malloc-api-c
bugs.archlinux.org/task/49162
security.archlinux.org/AVG-16
security.archlinux.org/CVE-2006-3376
security.archlinux.org/CVE-2007-0455
security.archlinux.org/CVE-2007-2756
security.archlinux.org/CVE-2007-3472
security.archlinux.org/CVE-2007-3473
security.archlinux.org/CVE-2007-3477
security.archlinux.org/CVE-2009-1364
security.archlinux.org/CVE-2009-3546
security.archlinux.org/CVE-2015-0848
security.archlinux.org/CVE-2015-4588
security.archlinux.org/CVE-2015-4695
security.archlinux.org/CVE-2015-4696
security.archlinux.org/CVE-2016-9011
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.27 Low
EPSS
Percentile
96.8%