Mandrake Linux Security Advisory : libwmf (MDKSA-2006:132)
High Nessus Plugin ID 23882
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionInteger overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.
Updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.