CVSS: 8.8EPSS: 12%CPEs: 4EXPL: 0CVE-2006-3376 – Slackware Security Advisory - libwmf Updates
https://notcve.org/view.php?id=CVE-2006-3376
06 Jul 2006 — Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file. Desbordamiento de entero en el archivo player.c en libwmf 0.2.8.4, utilizado en múltiples productos incluyendo (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, y(6) imagemagick, que permite a los atacantes remotos ejecutar arbitrariamente c... • http://rhn.redhat.com/errata/RHSA-2006-0597.html •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2006-2197 – Debian Linux Security Advisory 1100-1
https://notcve.org/view.php?id=CVE-2006-2197
15 Jun 2006 — Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document. Desbordamiento de entero en WV2 anterior a v0.2.3 podría permitir a atacantes dependientes de contexto para ejecutar código arbitrario a través de un documento de Microsoft Word. libwv2 did not sufficiently check the validity of its input. Certain invalid Word documents caused a buffer overflow. By tricking a user into opening a specially crafted Word file with an app... • http://secunia.com/advisories/20665 • CWE-189: Numeric Errors •