Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Gentoo: GLSA 200907-01 Normal: libwmf User Code Execution Risk

gentoo
Calendar Grey July 2, 2009
Dist Gentoo Esm H88
The recent Gentoo security advisory GLSA 202108-02 highlights a vulnerability in the libpng library that could lead to potential remote code execution under specific user conditions.
libwmf bundles an old GD version which contains a "use-after-free" vulnerability.

Summary

Gentoo Linux Security Advisory GLSA 200907-01 https://security.gentoo.org/ Severity: Normal Title: libwmf: User-assisted execution of arbitrary code Date: July 02, 2009 Bugs: #268161 ID: 200907-01

Synopsis ======= libwmf bundles an old GD version which contains a "use-after-free" vulnerability.
Background ========= libwmf is a library for converting WMF files.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/libwmf < 0.2.8.4-r3 >= 0.2.8.4-r3
========== The embedded fork of the GD library introduced a "use-after-free" vulnerability in a modification which is specific to libwmf.
Impact ===== A remote attacker could entice a user to open a specially crafted...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo arbitrary code execution code risk user assistance

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo arbitrary code execution code risk user assistance

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here