Published: 01/07/2015 Updated: 22/09/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

meta.h in libwmf 0.2.8.4 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted WMF file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wvware libwmf 0.2.8.4

libwmf could be made to crash or run programs as your login if it opened a specially crafted file ...

Debian Bug report logs - #787644 libwmf: CVE-2015-0848 CVE-2015-4588 Package: src:libwmf; Maintainer for src:libwmf is Debian QA Group <packages@qadebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 3 Jun 2015 17:30:02 UTC Severity: grave Tags: jessie, security, sid, stretch, upstream, whe ...

Debian Bug report logs - #784205 CVE-2015-4695: meta_pen_create heap buffer overflow Package: libwmf02-7; Maintainer for libwmf02-7 is Debian QA Group <packages@qadebianorg>; Source for libwmf02-7 is src:libwmf (PTS, buildd, popcon) Reported by: Fernando Muñoz <fernando@null-lifecom> Date: Mon, 4 May 2015 01: ...

Debian Bug report logs - #790365 pycode-browser: CVE-2015-0849: predictable temporary file vulnerability Package: pycode-browser; Maintainer for pycode-browser is Georges Khaznadar <georgesk@debianorg>; Source for pycode-browser is src:pycode-browser (PTS, buildd, popcon) Reported by: "brian m carlson" <sandals@crustyto ...

Debian Bug report logs - #784192 CVE-2015-4696: wmf2gd/wmf2eps use after free Package: libwmf-bin; Maintainer for libwmf-bin is Debian QA Group <packages@qadebianorg>; Source for libwmf-bin is src:libwmf (PTS, buildd, popcon) Reported by: Fernando Muñoz <fernando@null-lifecom> Date: Sun, 3 May 2015 22:57:01 UTC ...

It was discovered that libwmf did not correctly process certain WMF (Windows Metafiles) with embedded BMP images By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the application (CVE-2015-0 ...

It was discovered that libwmf did not properly process certain WMF files By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly exploit this flaw to cause a crash or execute arbitrary code with the privileges of the user running the application ...

CWE-119 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784205 http://www.openwall.com/lists/oss-security/2015/06/21/3 http://www.openwall.com/lists/oss-security/2015/06/17/3 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/75329 https://security.gentoo.org/glsa/201602-03 http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162569.html http://rhn.redhat.com/errata/RHSA-2015-1917.html http://www.ubuntu.com/usn/USN-2670-1 http://www.debian.org/security/2015/dsa-3302 http://lists.opensuse.org/opensuse-updates/2015-07/msg00018.html http://www.securitytracker.com/id/1032771 https://usn.ubuntu.com/2670-1/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2015-4695

Get Started

CVE-2015-4695

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect