| Revision Date: | 2015-07-10 | Version: | 1 |
| Title: | Security update for libwmf (Moderate) |
| Description: |
libwmf was updated to fix four security issues.
These security issues were fixed: - CVE-2015-4588: Heap-based buffer overflow in the DecodeImage function allowed remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted 'run-length count' in an image in a WMF file (bsc#933109). - CVE-2015-0848: Heap-based buffer overflow allowed remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image (bsc#933109). - CVE-2015-4696: Use-after-free vulnerability allowed remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command (bsc#936062). - CVE-2015-4695: meta.h allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file (bsc#936058).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 831299
933109
936058
936062
CVE-2015-0848
CVE-2015-4588
CVE-2015-4695
CVE-2015-4696
SUSE-SU-2015:1378-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 11 SP3
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 11 SP3 is installed AND libwmf-0.2.8.4-206.29.29.1 is installed
|