CVE-2006-3376

EPSS 12.2%

libwmf

Published: 7/6/2006Modified: 4/28/2026

Description

Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.

Affected packages (2)

Debian/libwmffrom 0, < 0.2.8.4-2
Debian/libwmffrom 0, < 0.2.8.3-2sarge1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-3376