CVE-2006-3376
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2006-3376
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-3376.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2006-3376
- Related
- Published
- 2006-07-06T20:05:00Z
- Modified
- 2024-06-30T12:01:22Z
- Summary
- [none]
- Details
-
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.
- References
-
- http://rhn.redhat.com/errata/RHSA-2006-0597.html
- http://secunia.com/advisories/20921
- http://secunia.com/advisories/21064
- http://secunia.com/advisories/21261
- http://secunia.com/advisories/21419
- http://secunia.com/advisories/21459
- http://secunia.com/advisories/21473
- http://secunia.com/advisories/22311
- http://security.gentoo.org/glsa/glsa-200608-17.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:132
- http://www.novell.com/linux/security/advisories/2006_19_sr.html
- http://www.ubuntu.com/usn/usn-333-1
- http://www.vupen.com/english/advisories/2006/2646
- https://www.debian.org/security/2006/dsa-1194
- http://securityreason.com/securityalert/1190
- http://securitytracker.com/id?1016518
- http://www.securityfocus.com/archive/1/438803/100/0/threaded
- http://www.securityfocus.com/bid/18751
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27516
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262
- https://security-tracker.debian.org/tracker/CVE-2006-3376
Affected packages
Debian:11 / libwmf
Package
- Name
- libwmf
- Purl
- pkg:deb/debian/libwmf?arch=source
Debian:12 / libwmf
Package
- Name
- libwmf
- Purl
- pkg:deb/debian/libwmf?arch=source
Debian:13 / libwmf
Package
- Name
- libwmf
- Purl
- pkg:deb/debian/libwmf?arch=source