Vulnerability Details : CVE-2006-3376
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick, allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.
Vulnerability category: Overflow, Execute code
Products affected by CVE-2006-3376
- cpe:2.3:a:wvware:wv2:0.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:wvware:wv2:0.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:wvware:wv2:0.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:wvware:libwmf:0.2.8_.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-3376
- EPSS score: 18.97% (probability of exploitation activity in the next 30 days)
- Percentile: ~96% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2006-3376
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
Vendor statements for CVE-2006-3376
- Red Hat, 2007-03-14: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
References for CVE-2006-3376
- http://rhn.redhat.com/errata/RHSA-2006-0597.html (RHSA-2006:0597 - Security Advisory - Red Hat Customer Portal)
- http://www.novell.com/linux/security/advisories/2006_19_sr.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:132 (Mandriva)
- http://securitytracker.com/id?1016518
- http://www.ubuntu.com/usn/usn-333-1 (USN-333-1: libwmf vulnerability | Ubuntu security notices | Ubuntu)
- http://www.securityfocus.com/bid/18751
- http://security.gentoo.org/glsa/glsa-200608-17.xml (libwmf: Buffer overflow vulnerability (GLSA 200608-17) — Gentoo security)
- http://www.vupen.com/english/advisories/2006/2646
- https://www.debian.org/security/2006/dsa-1194 (Debian -- Security Information -- DSA-1194-1 libwmf)
- http://www.securityfocus.com/archive/1/438803/100/0/threaded
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27516 (libwmf WMF MaxRecordSize buffer overflow CVE-2006-3376 Vulnerability Report)
- http://securityreason.com/securityalert/1190 (libwmf integer/heap overflow - CXSecurity.com)