Your submission was sent successfully! Close

CVE-2015-4588

Published: 1 July 2015

Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.

Priority

Medium

Status

Package Release Status
libwmf
Launchpad, Ubuntu, Debian
precise
Released (0.2.8.4-10ubuntu1.1)
trusty Does not exist
(trusty was released [0.2.8.4-10.3ubuntu1.14.04.1])
upstream Needs triage

utopic
Released (0.2.8.4-10.3ubuntu1.14.10.1)
vivid
Released (0.2.8.4-10.3ubuntu1.15.04.1)