Home > Vulnerability Database > CVE-2006-3376

Mend.io Vulnerability Database

CVE-2006-3376

Good to know:

Date: July 6, 2006

Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.

Language: C

Severity Score

7.3

Related Resources (22)

Url: http://securitytracker.com/id?1016518

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262

Url: http://rhn.redhat.com/errata/RHSA-2006-0597.html

Url: http://www.securityfocus.com/bid/18751

Url: http://security.gentoo.org/glsa/glsa-200608-17.xml

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/27516

Url: http://secunia.com/advisories/21419

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-3376

Url: http://www.ubuntu.com/usn/usn-333-1

Url: https://www.debian.org/security/2006/dsa-1194

Url: http://secunia.com/advisories/21459

Url: http://secunia.com/advisories/20921

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:132

Url: http://securityreason.com/securityalert/1190

Url: http://secunia.com/advisories/21261

Url: http://www.securityfocus.com/archive/1/438803/100/0/threaded

Url: http://secunia.com/advisories/21064

Url: http://secunia.com/advisories/21473

Url: http://www.novell.com/linux/security/advisories/2006_19_sr.html

Url: http://www.vupen.com/english/advisories/2006/2646

Url: http://secunia.com/advisories/22311

Url: https://www.mend.io/vulnerability-database/CVE-2006-3376

Severity Score

7.3

Top Fix

Upgrade Version

Upgrade to version v0.2.9

Learn More

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-3376

Good to know:

Date: July 6, 2006

Language: C

Severity Score

Related Resources (22)

Severity Score

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?