Novell Home

CVE-2009-1364

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2009-1364 at MITRE

Description

Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file.

NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 495842

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 10.3
  • libwmf >= 0.2.8.4-92.2
  • libwmf-devel >= 0.2.8.4-92.2
  • libwmf-gnome >= 0.2.8.4-92.2
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
  • libwmf >= 0.2.8.2-88.7
core9.x86-64
core9.s390
core9.s390x
sles9-nld.x86-64
core9.x86
core9.ia64
core9.ppc
sles9-nld.x86
YOU Patch Nr: 12409
SLES SDK 9 for IBM S/390 and IBM zSeries
SLES SDK 9 for IBM iSeries and IBM pSeries
SLES SDK 9 for IBM zSeries
SLES SDK 9 for IPF
SLES SDK 9 for X86-64
SLES SDK 9 for x86
  • libwmf >= 0.2.8.2-88.7
  • libwmf-devel >= 0.2.8.2-88.7
core9.x86-64
core9.s390
core9.s390x
sles9-nld.x86-64
core9.x86
core9.ia64
core9.ppc
sles9-nld.x86
YOU Patch Nr: 12409
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP2 for x86
  • libwmf >= 0.2.8.2-110.10
  • libwmf-devel >= 0.2.8.2-110.10
sle10-sp2-sdk.ppc
sled10-sp2.x86-64
sle10-sp2-sdk.x86-64
sled10-sp2.x86
sle10-sp2-sdk.x86
sle10-sp2-sdk.s390x
sle10-sp2-sdk.ia64
ZYPP Patch Nr: 6213

© 2012 Novell