CVE-2006-3376
libwmf
EPSS 12.2%
Description
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick, allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.
How to fix CVE-2006-3376
To remediate CVE-2006-3376, upgrade the affected package to one of the fixed versions listed below.
- Debian/libwmf—upgrade to 0.2.8.4-2 or later
- Debian/libwmf—upgrade to 0.2.8.3-2sarge1 or later
Is CVE-2006-3376 being exploited?
Moderate: EPSS is 12.2%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 0.2.8.4-2
- from 0, < 0.2.8.3-2sarge1