VDB
GCVE-110-MAGEIA-2015-261
GCVE-110-MAGEIA-2015-261
Advisory Published
It was discovered that libwmf did not correctly process certain WMF
(Windows Metafiles) containing BMP images. By tricking a victim into
opening a specially crafted WMF file in an application using libwmf, a
remote attacker could possibly use this flaw to execute arbitrary code
with the privileges of the user running the application (CVE-2015-0848,
CVE-2015-4588).
Two out of bounds reads in libwmf were also discovered, one in the
meta_pen_create() function in player/meta.h (CVE-2015-4695) and one in
wmf2gd.c and wmf2eps.c (CVE-2015-4696)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | libwmf | 0.2.8.4-32.2.mga5 (unaffected), 0 (affected) | — |
| Mageia | libwmf | 0.2.8.4-30.2.mga4 (unaffected), 0 (affected) | — |
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.