CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
96.3%
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.
rhn.redhat.com/errata/RHSA-2006-0597.html
secunia.com/advisories/20921
secunia.com/advisories/21064
secunia.com/advisories/21261
secunia.com/advisories/21419
secunia.com/advisories/21459
secunia.com/advisories/21473
secunia.com/advisories/22311
security.gentoo.org/glsa/glsa-200608-17.xml
securityreason.com/securityalert/1190
securitytracker.com/id?1016518
www.mandriva.com/security/advisories?name=MDKSA-2006:132
www.novell.com/linux/security/advisories/2006_19_sr.html
www.securityfocus.com/archive/1/438803/100/0/threaded
www.securityfocus.com/bid/18751
www.ubuntu.com/usn/usn-333-1
www.vupen.com/english/advisories/2006/2646
exchange.xforce.ibmcloud.com/vulnerabilities/27516
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262
www.debian.org/security/2006/dsa-1194