Attachment 95782 Details for Bug 134246 – vuln-2.xml

vuln-2.xml

vuln-2.xml (text/plain), 1.58 KB, created by Eygene Ryabinkin on 2009-05-05 22:10:03 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Eygene Ryabinkin

Created: 2009-05-05 22:10:03 UTC

Size: 1.58 KB

patch

obsolete

> <vuln vid="ad1cca02-39b2-11de-a493-001b77d09812">
> <topic>libwmf -- heap overflow and arbitrary code execution</topic>
> <affects>
> <package>
> <name>libwmf</name>
> <range><lt>0.2.8.4_3</lt></range>
> </package>
> </affects>
> <description>
> <body xmlns="http://www.w3.org/1999/xhtml">
> Secunia reports:
> <blockquote
> cite="http://secunia.com/advisories/20921">
> infamous41md has reported a vulnerability in libwmf, which
> potentially can be exploited by malicious people to compromise
> an application using the vulnerable library.
> The vulnerability is caused due to an integer overflow
> error when allocating memory based on a value taken directly
> from a WMF file without performing any checks. This can be
> exploited to cause a heap-based buffer overflow when a
> specially crafted WMF file is processed.
> Successful exploitation may allow execution of arbitrary
> code.
> </blockquote>
> SecurityFocus additionally reports:
> <blockquote
> cite="http://www.securityfocus.com/bid/18751/discuss">
> Failed exploit attempts will likely cause denial-of-service
> conditions.
> </blockquote>
> </body>
> </description>
> <references>
> <cvename>CVE-2006-3376</cvename>
> <bid>18751</bid>
> <url>http://secunia.com/advisories/20921</url>
> </references>
> <dates>
> <discovery>2006-08-10</discovery>
> <entry>TODAY</entry>
> </dates>
> </vuln>

Actions: View

Attachments on bug 134246: 95781 | 95782