CVE-2020-11866

Опубликовано: 11 мая 2020

Источник: redhat

CVSS3: 7.8

EPSS Низкий

Описание

libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free.

Отчет

libEMF is a C/C++ library which provides a drawing toolkit based on ECMA-234. The general purpose of this library is to create vector graphics files on POSIX systems which can be imported into OpenOffice.org or LibreOffice. Programs compiled with libEMF, output ECMA-234 graphics files locally which can be then imported into desktop applications. Therefore this use-after-free flaw can only be triggered via maliciously written applications compiled with libEMF.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libEMF	Out of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=1835793libEMF: allows a use-after-free

EPSS

Процентиль: 61%

0.0041

Низкий

7.8 High

CVSS3

Связанные уязвимости

CVE-2020-11866

CVSS3: 7.8

ubuntu

больше 5 лет назад

libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free.

CVE-2020-11866

CVSS3: 7.8

nvd

больше 5 лет назад

libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free.

CVE-2020-11866

CVSS3: 7.8

debian

больше 5 лет назад

libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-aft ...

GHSA-97vq-mgmh-2r8q

CVSS3: 7.8

github

больше 3 лет назад

libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free.

openSUSE-SU-2020:0831-1

suse-cvrf

больше 5 лет назад

Security update for libEMF

EPSS

Процентиль: 61%

0.0041

Низкий

7.8 High

CVSS3