Vulnerabilites related to wvware - wv2
Vulnerability from fkie_nvd
Published
2006-06-15 10:02
Modified
2024-11-21 00:10
Severity ?
Summary
Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document.
References
security@debian.orghttp://secunia.com/advisories/20665Patch, Vendor Advisory
security@debian.orghttp://secunia.com/advisories/20688Patch, Vendor Advisory
security@debian.orghttp://secunia.com/advisories/20689Patch, Vendor Advisory
security@debian.orghttp://secunia.com/advisories/20826Vendor Advisory
security@debian.orghttp://secunia.com/advisories/20844Vendor Advisory
security@debian.orghttp://secunia.com/advisories/20899Vendor Advisory
security@debian.orghttp://securitytracker.com/id?1016313
security@debian.orghttp://sourceforge.net/project/shownotes.php?group_id=10501&release_id=424094
security@debian.orghttp://www.debian.org/security/2006/dsa-1100Patch, Vendor Advisory
security@debian.orghttp://www.gentoo.org/security/en/glsa/glsa-200606-24.xmlPatch, Vendor Advisory
security@debian.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:109
security@debian.orghttp://www.novell.com/linux/security/advisories/2006_38_security.html
security@debian.orghttp://www.securityfocus.com/bid/18437Patch
security@debian.orghttp://www.vupen.com/english/advisories/2006/2350Vendor Advisory
security@debian.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/27184
security@debian.orghttps://usn.ubuntu.com/300-1/
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20665Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20688Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20689Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20826Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20844Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20899Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016313
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/project/shownotes.php?group_id=10501&release_id=424094
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1100Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200606-24.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:109
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_38_security.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/18437Patch
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/2350Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/27184
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/300-1/
Impacted products
Vendor Product Version
wvware wv2 *
wvware wv2 0.2.2


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:wvware:wv2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D9ECBF1-45ED-42AF-8854-6BA2D685D85D",
                     versionEndIncluding: "0.2.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:wvware:wv2:0.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0AB2FAA-427C-4313-B7AF-31829E58C367",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document.",
      },
      {
         lang: "es",
         value: "Desbordamiento de entero en WV2 anterior a v0.2.3 podría permitir a atacantes dependientes de contexto para ejecutar código arbitrario a través de un documento de Microsoft Word.",
      },
   ],
   evaluatorSolution: "This vulnerability is addressed in the following product release:\r\nDebian, wv2, 0.2.2-1",
   id: "CVE-2006-2197",
   lastModified: "2024-11-21T00:10:46.347",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2006-06-15T10:02:00.000",
   references: [
      {
         source: "security@debian.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20665",
      },
      {
         source: "security@debian.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20688",
      },
      {
         source: "security@debian.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20689",
      },
      {
         source: "security@debian.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20826",
      },
      {
         source: "security@debian.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20844",
      },
      {
         source: "security@debian.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20899",
      },
      {
         source: "security@debian.org",
         url: "http://securitytracker.com/id?1016313",
      },
      {
         source: "security@debian.org",
         url: "http://sourceforge.net/project/shownotes.php?group_id=10501&release_id=424094",
      },
      {
         source: "security@debian.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2006/dsa-1100",
      },
      {
         source: "security@debian.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200606-24.xml",
      },
      {
         source: "security@debian.org",
         url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:109",
      },
      {
         source: "security@debian.org",
         url: "http://www.novell.com/linux/security/advisories/2006_38_security.html",
      },
      {
         source: "security@debian.org",
         tags: [
            "Patch",
         ],
         url: "http://www.securityfocus.com/bid/18437",
      },
      {
         source: "security@debian.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/2350",
      },
      {
         source: "security@debian.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/27184",
      },
      {
         source: "security@debian.org",
         url: "https://usn.ubuntu.com/300-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20665",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20688",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20689",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20826",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20844",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20899",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://securitytracker.com/id?1016313",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://sourceforge.net/project/shownotes.php?group_id=10501&release_id=424094",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2006/dsa-1100",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200606-24.xml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:109",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.novell.com/linux/security/advisories/2006_38_security.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "http://www.securityfocus.com/bid/18437",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/2350",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/27184",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://usn.ubuntu.com/300-1/",
      },
   ],
   sourceIdentifier: "security@debian.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-189",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2006-07-06 20:05
Modified
2024-11-21 00:13
Severity ?
Summary
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.
References
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2006-0597.html
cve@mitre.orghttp://secunia.com/advisories/20921Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/21064
cve@mitre.orghttp://secunia.com/advisories/21261
cve@mitre.orghttp://secunia.com/advisories/21419
cve@mitre.orghttp://secunia.com/advisories/21459
cve@mitre.orghttp://secunia.com/advisories/21473
cve@mitre.orghttp://secunia.com/advisories/22311
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200608-17.xml
cve@mitre.orghttp://securityreason.com/securityalert/1190
cve@mitre.orghttp://securitytracker.com/id?1016518
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:132
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2006_19_sr.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/438803/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/18751
cve@mitre.orghttp://www.ubuntu.com/usn/usn-333-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/2646
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/27516
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262
cve@mitre.orghttps://www.debian.org/security/2006/dsa-1194
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2006-0597.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20921Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21064
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21261
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21419
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21459
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21473
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22311
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200608-17.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/1190
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016518
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:132
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_19_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438803/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/18751
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-333-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/2646
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/27516
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2006/dsa-1194
Impacted products
Vendor Product Version
wvware libwmf 0.2.8_.4
wvware wv2 0.2.1
wvware wv2 0.2.2
wvware wv2 0.2.3


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:wvware:libwmf:0.2.8_.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C647E35-83D2-4D21-AA48-B963B9D6A123",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:wvware:wv2:0.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "565FB525-8593-4148-8A01-EF99F745AB4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:wvware:wv2:0.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0AB2FAA-427C-4313-B7AF-31829E58C367",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:wvware:wv2:0.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "98E88259-7829-4179-962D-64F98174F6C5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.",
      },
      {
         lang: "es",
         value: "Desbordamiento de entero en el archivo player.c en libwmf 0.2.8.4, utilizado en múltiples productos incluyendo (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, y(6) imagemagick, que permite a los atacantes remotos ejecutar arbitrariamente código a través del campo cabecera MaxRecordSize en un archivo WMF.",
      },
   ],
   id: "CVE-2006-3376",
   lastModified: "2024-11-21T00:13:28.880",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2006-07-06T20:05:00.000",
   references: [
      {
         source: "cve@mitre.org",
         url: "http://rhn.redhat.com/errata/RHSA-2006-0597.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20921",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/21064",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/21261",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/21419",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/21459",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/21473",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/22311",
      },
      {
         source: "cve@mitre.org",
         url: "http://security.gentoo.org/glsa/glsa-200608-17.xml",
      },
      {
         source: "cve@mitre.org",
         url: "http://securityreason.com/securityalert/1190",
      },
      {
         source: "cve@mitre.org",
         url: "http://securitytracker.com/id?1016518",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:132",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.novell.com/linux/security/advisories/2006_19_sr.html",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/archive/1/438803/100/0/threaded",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/bid/18751",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.ubuntu.com/usn/usn-333-1",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.vupen.com/english/advisories/2006/2646",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/27516",
      },
      {
         source: "cve@mitre.org",
         url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262",
      },
      {
         source: "cve@mitre.org",
         url: "https://www.debian.org/security/2006/dsa-1194",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://rhn.redhat.com/errata/RHSA-2006-0597.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/20921",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/21064",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/21261",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/21419",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/21459",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/21473",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/22311",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://security.gentoo.org/glsa/glsa-200608-17.xml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://securityreason.com/securityalert/1190",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://securitytracker.com/id?1016518",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:132",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.novell.com/linux/security/advisories/2006_19_sr.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/archive/1/438803/100/0/threaded",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/18751",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.ubuntu.com/usn/usn-333-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2006/2646",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/27516",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.debian.org/security/2006/dsa-1194",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vendorComments: [
      {
         comment: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
         lastModified: "2007-03-14T00:00:00",
         organization: "Red Hat",
      },
   ],
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2006-2197
Vulnerability from cvelistv5
Published
2006-06-15 10:00
Modified
2024-08-07 17:43
Severity ?
Summary
Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document.
References
http://secunia.com/advisories/20899third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/2350vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/20844third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/27184vdb-entry, x_refsource_XF
http://secunia.com/advisories/20689third-party-advisory, x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200606-24.xmlvendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/20826third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20665third-party-advisory, x_refsource_SECUNIA
https://usn.ubuntu.com/300-1/vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/20688third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2006_38_security.htmlvendor-advisory, x_refsource_SUSE
http://www.mandriva.com/security/advisories?name=MDKSA-2006:109vendor-advisory, x_refsource_MANDRIVA
http://www.securityfocus.com/bid/18437vdb-entry, x_refsource_BID
http://sourceforge.net/project/shownotes.php?group_id=10501&release_id=424094x_refsource_CONFIRM
http://www.debian.org/security/2006/dsa-1100vendor-advisory, x_refsource_DEBIAN
http://securitytracker.com/id?1016313vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T17:43:28.333Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20899",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/20899",
               },
               {
                  name: "ADV-2006-2350",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/2350",
               },
               {
                  name: "20844",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/20844",
               },
               {
                  name: "wvware-wv2-word-overflow(27184)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/27184",
               },
               {
                  name: "20689",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/20689",
               },
               {
                  name: "GLSA-200606-24",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://www.gentoo.org/security/en/glsa/glsa-200606-24.xml",
               },
               {
                  name: "20826",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/20826",
               },
               {
                  name: "20665",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/20665",
               },
               {
                  name: "USN-300-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/300-1/",
               },
               {
                  name: "20688",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/20688",
               },
               {
                  name: "SUSE-SR:2006:015",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://www.novell.com/linux/security/advisories/2006_38_security.html",
               },
               {
                  name: "MDKSA-2006:109",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:109",
               },
               {
                  name: "18437",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/18437",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://sourceforge.net/project/shownotes.php?group_id=10501&release_id=424094",
               },
               {
                  name: "DSA-1100",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2006/dsa-1100",
               },
               {
                  name: "1016313",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://securitytracker.com/id?1016313",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2006-06-15T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-03T20:57:01",
            orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            shortName: "debian",
         },
         references: [
            {
               name: "20899",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/20899",
            },
            {
               name: "ADV-2006-2350",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/2350",
            },
            {
               name: "20844",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/20844",
            },
            {
               name: "wvware-wv2-word-overflow(27184)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/27184",
            },
            {
               name: "20689",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/20689",
            },
            {
               name: "GLSA-200606-24",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://www.gentoo.org/security/en/glsa/glsa-200606-24.xml",
            },
            {
               name: "20826",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/20826",
            },
            {
               name: "20665",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/20665",
            },
            {
               name: "USN-300-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/300-1/",
            },
            {
               name: "20688",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/20688",
            },
            {
               name: "SUSE-SR:2006:015",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://www.novell.com/linux/security/advisories/2006_38_security.html",
            },
            {
               name: "MDKSA-2006:109",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:109",
            },
            {
               name: "18437",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/18437",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://sourceforge.net/project/shownotes.php?group_id=10501&release_id=424094",
            },
            {
               name: "DSA-1100",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2006/dsa-1100",
            },
            {
               name: "1016313",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://securitytracker.com/id?1016313",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@debian.org",
               ID: "CVE-2006-2197",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20899",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/20899",
                  },
                  {
                     name: "ADV-2006-2350",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/2350",
                  },
                  {
                     name: "20844",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/20844",
                  },
                  {
                     name: "wvware-wv2-word-overflow(27184)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/27184",
                  },
                  {
                     name: "20689",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/20689",
                  },
                  {
                     name: "GLSA-200606-24",
                     refsource: "GENTOO",
                     url: "http://www.gentoo.org/security/en/glsa/glsa-200606-24.xml",
                  },
                  {
                     name: "20826",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/20826",
                  },
                  {
                     name: "20665",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/20665",
                  },
                  {
                     name: "USN-300-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/300-1/",
                  },
                  {
                     name: "20688",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/20688",
                  },
                  {
                     name: "SUSE-SR:2006:015",
                     refsource: "SUSE",
                     url: "http://www.novell.com/linux/security/advisories/2006_38_security.html",
                  },
                  {
                     name: "MDKSA-2006:109",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:109",
                  },
                  {
                     name: "18437",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/18437",
                  },
                  {
                     name: "http://sourceforge.net/project/shownotes.php?group_id=10501&release_id=424094",
                     refsource: "CONFIRM",
                     url: "http://sourceforge.net/project/shownotes.php?group_id=10501&release_id=424094",
                  },
                  {
                     name: "DSA-1100",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2006/dsa-1100",
                  },
                  {
                     name: "1016313",
                     refsource: "SECTRACK",
                     url: "http://securitytracker.com/id?1016313",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5",
      assignerShortName: "debian",
      cveId: "CVE-2006-2197",
      datePublished: "2006-06-15T10:00:00",
      dateReserved: "2006-05-04T00:00:00",
      dateUpdated: "2024-08-07T17:43:28.333Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2006-3376
Vulnerability from cvelistv5
Published
2006-07-06 20:00
Modified
2024-08-07 18:23
Severity ?
Summary
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.
References
http://www.securityfocus.com/archive/1/438803/100/0/threadedmailing-list, x_refsource_BUGTRAQ
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/20921third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/27516vdb-entry, x_refsource_XF
http://securitytracker.com/id?1016518vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/21473third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/22311third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-333-1vendor-advisory, x_refsource_UBUNTU
http://securityreason.com/securityalert/1190third-party-advisory, x_refsource_SREASON
http://secunia.com/advisories/21459third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/18751vdb-entry, x_refsource_BID
http://www.novell.com/linux/security/advisories/2006_19_sr.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/21064third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/2646vdb-entry, x_refsource_VUPEN
https://www.debian.org/security/2006/dsa-1194vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/21261third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:132vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/21419third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2006-0597.htmlvendor-advisory, x_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-200608-17.xmlvendor-advisory, x_refsource_GENTOO
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T18:23:21.282Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20060630 libwmf integer/heap overflow",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/438803/100/0/threaded",
               },
               {
                  name: "oval:org.mitre.oval:def:10262",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262",
               },
               {
                  name: "20921",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/20921",
               },
               {
                  name: "libwmf-wmf-bo(27516)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/27516",
               },
               {
                  name: "1016518",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://securitytracker.com/id?1016518",
               },
               {
                  name: "21473",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/21473",
               },
               {
                  name: "22311",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/22311",
               },
               {
                  name: "USN-333-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/usn-333-1",
               },
               {
                  name: "1190",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SREASON",
                     "x_transferred",
                  ],
                  url: "http://securityreason.com/securityalert/1190",
               },
               {
                  name: "21459",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/21459",
               },
               {
                  name: "18751",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/18751",
               },
               {
                  name: "SUSE-SR:2006:019",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://www.novell.com/linux/security/advisories/2006_19_sr.html",
               },
               {
                  name: "21064",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/21064",
               },
               {
                  name: "ADV-2006-2646",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/2646",
               },
               {
                  name: "DSA-1194",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2006/dsa-1194",
               },
               {
                  name: "21261",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/21261",
               },
               {
                  name: "MDKSA-2006:132",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:132",
               },
               {
                  name: "21419",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/21419",
               },
               {
                  name: "RHSA-2006:0597",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2006-0597.html",
               },
               {
                  name: "GLSA-200608-17",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://security.gentoo.org/glsa/glsa-200608-17.xml",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2006-06-30T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-18T14:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "20060630 libwmf integer/heap overflow",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/438803/100/0/threaded",
            },
            {
               name: "oval:org.mitre.oval:def:10262",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262",
            },
            {
               name: "20921",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/20921",
            },
            {
               name: "libwmf-wmf-bo(27516)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/27516",
            },
            {
               name: "1016518",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://securitytracker.com/id?1016518",
            },
            {
               name: "21473",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/21473",
            },
            {
               name: "22311",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/22311",
            },
            {
               name: "USN-333-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/usn-333-1",
            },
            {
               name: "1190",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SREASON",
               ],
               url: "http://securityreason.com/securityalert/1190",
            },
            {
               name: "21459",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/21459",
            },
            {
               name: "18751",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/18751",
            },
            {
               name: "SUSE-SR:2006:019",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://www.novell.com/linux/security/advisories/2006_19_sr.html",
            },
            {
               name: "21064",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/21064",
            },
            {
               name: "ADV-2006-2646",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/2646",
            },
            {
               name: "DSA-1194",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2006/dsa-1194",
            },
            {
               name: "21261",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/21261",
            },
            {
               name: "MDKSA-2006:132",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:132",
            },
            {
               name: "21419",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/21419",
            },
            {
               name: "RHSA-2006:0597",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2006-0597.html",
            },
            {
               name: "GLSA-200608-17",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://security.gentoo.org/glsa/glsa-200608-17.xml",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2006-3376",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20060630 libwmf integer/heap overflow",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/438803/100/0/threaded",
                  },
                  {
                     name: "oval:org.mitre.oval:def:10262",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262",
                  },
                  {
                     name: "20921",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/20921",
                  },
                  {
                     name: "libwmf-wmf-bo(27516)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/27516",
                  },
                  {
                     name: "1016518",
                     refsource: "SECTRACK",
                     url: "http://securitytracker.com/id?1016518",
                  },
                  {
                     name: "21473",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/21473",
                  },
                  {
                     name: "22311",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/22311",
                  },
                  {
                     name: "USN-333-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/usn-333-1",
                  },
                  {
                     name: "1190",
                     refsource: "SREASON",
                     url: "http://securityreason.com/securityalert/1190",
                  },
                  {
                     name: "21459",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/21459",
                  },
                  {
                     name: "18751",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/18751",
                  },
                  {
                     name: "SUSE-SR:2006:019",
                     refsource: "SUSE",
                     url: "http://www.novell.com/linux/security/advisories/2006_19_sr.html",
                  },
                  {
                     name: "21064",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/21064",
                  },
                  {
                     name: "ADV-2006-2646",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/2646",
                  },
                  {
                     name: "DSA-1194",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2006/dsa-1194",
                  },
                  {
                     name: "21261",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/21261",
                  },
                  {
                     name: "MDKSA-2006:132",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:132",
                  },
                  {
                     name: "21419",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/21419",
                  },
                  {
                     name: "RHSA-2006:0597",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2006-0597.html",
                  },
                  {
                     name: "GLSA-200608-17",
                     refsource: "GENTOO",
                     url: "http://security.gentoo.org/glsa/glsa-200608-17.xml",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2006-3376",
      datePublished: "2006-07-06T20:00:00",
      dateReserved: "2006-07-06T00:00:00",
      dateUpdated: "2024-08-07T18:23:21.282Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}