Security update for libwmf SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:1134-1 Final 1 1 2015-06-16T10:18:50Z current 2015-06-16T10:18:50Z 2015-06-16T10:18:50Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libwmf libwmf was updated to fix three security issues and one non-security bug. The following vulnerabilities were fixed: * CVE-2015-0848: An attacker that could trick a victim into opening a specially crafted WMF file with BMP portions in a libwmf based application could have executed arbitrary code with the user's privileges. (boo#933109) * CVE-2015-0848: An attacker that could trick a victim into opening a specially crafted WMF file in a libwmf based application could have executed arbitrary code through incorrect run-length encoding. (boo#933109) * CVE-2009-1364: Use-after-free vulnerability in the embedded GD library in libwmf allowed context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file. (boo#495842, boo#831299) The following non-security bug was fixed: * boo#892356: Make libwmf-tools not depend on libwmf-devel The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html E-Mail link for openSUSE-SU-2015:1134-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings libwmf-0.2.8.4-234.4.1 libwmf-0_2-7-0.2.8.4-234.4.1 libwmf-0_2-7-32bit-0.2.8.4-234.4.1 libwmf-devel-0.2.8.4-234.4.1 libwmf-gnome-0.2.8.4-234.4.1 libwmf-gnome-32bit-0.2.8.4-234.4.1 libwmf-tools-0.2.8.4-234.4.1 Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file. CVE-2009-1364 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html https://www.suse.com/security/cve/CVE-2009-1364.html CVE-2009-1364 https://bugzilla.suse.com/495842 SUSE Bug 495842 Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image. CVE-2015-0848 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html https://www.suse.com/security/cve/CVE-2015-0848.html CVE-2015-0848 https://bugzilla.suse.com/933109 SUSE Bug 933109 Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file. CVE-2015-4588 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html https://www.suse.com/security/cve/CVE-2015-4588.html CVE-2015-4588 https://bugzilla.suse.com/933109 SUSE Bug 933109