Launchpad.net

CVE 2009-1364

Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file.

Related bugs and status

CVE-2009-1364 (Candidate) is related to these bugs:

Bug #375773: Vulnerability in WMF files

Summary				In	Importance	Status
	375773	Vulnerability in WMF files		The Dell Mini Project	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugzilla.redha...
CONFIRM: https://launchpad.net/...
REDHAT: RHSA-2009:0457
BID: 34792
MANDRIVA: MDVSA-2009:106
UBUNTU: USN-769-1
SECUNIA: 34964
SECUNIA: 35001
VUPEN: ADV-2009-1228
DEBIAN: DSA-1796
SECTRACK: 1022154
SECUNIA: 34901
SECUNIA: 35025
FEDORA: FEDORA-2009-5517
FEDORA: FEDORA-2009-5524
SECUNIA: 35190
FEDORA: FEDORA-2009-5518
SUSE: SUSE-SR:2009:011
SECUNIA: 35416
GENTOO: GLSA-200907-01
SECUNIA: 35686
SUSE: openSUSE-SU-2015:1132
SUSE: openSUSE-SU-2015:1134
CONFIRM: http://wvware.cvs.sour...
XF: libwmf-gdlibrary-code-...
OVAL: oval:org.mitre.oval:de...