7.5
CVE-2006-3376
- EPSS 7.75%
- Veröffentlicht 06.07.2006 20:05:00
- Zuletzt bearbeitet 16.06.2026 22:26:56
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.75% | 0.939 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/21459
http://www.novell.com/linux/security/advisories/2006_19_sr.html
http://rhn.redhat.com/errata/RHSA-2006-0597.html
http://secunia.com/advisories/20921
http://secunia.com/advisories/21064
http://secunia.com/advisories/21261
http://secunia.com/advisories/21419
http://secunia.com/advisories/21473
http://secunia.com/advisories/22311
http://security.gentoo.org/glsa/glsa-200608-17.xml
http://securityreason.com/securityalert/1190
http://securitytracker.com/id?1016518
http://www.mandriva.com/security/advisories?name=MDKSA-2006:132
http://www.securityfocus.com/archive/1/438803/100/0/threaded
http://www.securityfocus.com/bid/18751
http://www.ubuntu.com/usn/usn-333-1
http://www.vupen.com/english/advisories/2006/2646
https://exchange.xforce.ibmcloud.com/vulnerabilities/27516
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262
https://www.debian.org/security/2006/dsa-1194