FreeBSD : libwmf -- integer overflow vulnerability (48aab1d0-4252-11de-b67a-0030843d3802)
High Nessus Plugin ID 38800
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
infamous41md has reported a vulnerability in libwmf, which potentially can be exploited by malicious people to compromise an application using the vulnerable library.
The vulnerability is caused due to an integer overflow error when allocating memory based on a value taken directly from a WMF file without performing any checks. This can be exploited to cause a heap-based buffer overflow when a specially crafted WMF file is processed.
SolutionUpdate the affected package.