MidnightBSD

Advisories for wvware

CVE-2004-0645 HIGH

Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wvware wvware 0.7.5
abisource community_abiword 2.0.7
abisource community_abiword 2.0.5
abisource community_abiword 2.0.3
abisource community_abiword 2.0.6
wvware wvware 0.7.4
abisource community_abiword 2.0.4
wvware wvware 1.0
wvware wvware 0.7.6
CVE-2006-2197 MEDIUM

Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
wvware wv2 *
wvware wv2 0.2.2
CVE-2006-3376 HIGH

Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wvware wv2 0.2.3
wvware wv2 0.2.1
wvware wv2 0.2.2
wvware libwmf 0.2.8_.4
CVE-2015-0848 MEDIUM

Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse opensuse 13.1
fedoraproject fedora 21
wvware libwmf 0.2.8.4
opensuse opensuse 13.2
CVE-2015-4588 MEDIUM

Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse opensuse 13.1
fedoraproject fedora 21
wvware libwmf 0.2.8.4
opensuse opensuse 13.2
CVE-2015-4695 MEDIUM

meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
wvware libwmf 0.2.8.4
CVE-2015-4696 MEDIUM

Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wvware libwmf 0.2.8.4
CVE-2016-9011 MEDIUM

The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (application crash) via a crafted wmf file, which triggers a memory allocation failure.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
wvware libwmf 0.2.8.4