Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.
Max CVSS
7.5
EPSS Score
18.97%
Published
2006-07-06
Updated
2018-10-18
Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document.
Max CVSS
6.5
EPSS Score
1.07%
Published
2006-06-15
Updated
2018-10-03
2 vulnerabilities found