CVE-2015-4695

Опубликовано: 04 мая 2015

Источник: redhat

CVSS2: 2.6

EPSS Низкий

Описание

meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.

It was discovered that libwmf did not properly process certain WMF files. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly exploit this flaw to cause a crash or execute arbitrary code with the privileges of the user running the application.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	libwmf	Will not fix
Red Hat Enterprise Linux 6	libwmf	Fixed	RHSA-2015:1917	20.10.2015
Red Hat Enterprise Linux 7	libwmf	Fixed	RHSA-2015:1917	20.10.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-122

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1235665libwmf: heap buffer overread in meta.h

EPSS

Процентиль: 81%

0.01549

Низкий

2.6 Low

CVSS2

Связанные уязвимости

CVE-2015-4695

ubuntu

около 10 лет назад

meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.

CVE-2015-4695

nvd

около 10 лет назад

meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.

CVE-2015-4695

debian

около 10 лет назад

meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of ...

GHSA-rrgp-f769-h4h5

github

больше 3 лет назад

meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.

SUSE-SU-2015:1378-1

suse-cvrf

около 10 лет назад

Security update for libwmf

EPSS

Процентиль: 81%

0.01549

Низкий

2.6 Low

CVSS2