Vulnerabilities
Vulnerable Software
Wvware:  >> Libwmf  Security Vulnerabilities
The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (application crash) via a crafted wmf file, which triggers a memory allocation failure.
CVSS Score
5.5
EPSS Score
0.026
Published
2017-03-23
Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command.
CVSS Score
4.3
EPSS Score
0.06
Published
2015-07-01
meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.
CVSS Score
5.0
EPSS Score
0.066
Published
2015-07-01
Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.
CVSS Score
6.8
EPSS Score
0.092
Published
2015-07-01
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.
CVSS Score
6.8
EPSS Score
0.085
Published
2015-07-01
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.
CVSS Score
7.5
EPSS Score
0.077
Published
2006-07-06


Contact Us

Shodan ® - All rights reserved