Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2006-3376

Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.

  • Published: Jul 6, 2006
  • Updated: Apr 13, 2023
  • CVE: CVE-2006-3376
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
wvware / wv2 0.2.3 0.2.3.x
wvware / wv2 0.2.1 0.2.1.x
wvware / libwmf 0.2.8_.4 0.2.8_.4.x
wvware / wv2 0.2.2 0.2.2.x