CVE-2016-9011 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Libwmf

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-131 — Incorrect Calculation of Buffer Size7 documents6 sources

Severity

5.5MEDIUMNVD

EPSS

0.5%

top 34.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wvware Libwmf Debian Libwmf

Timeline

PublishedMar 23

Latest updateMay 17

Description

The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (application crash) via a crafted wmf file, which triggers a memory allocation failure.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶debiandebian/libwmf< libwmf 0.2.8.4-10.6 (bookworm)

▶Debianwvware/libwmf< 0.2.8.4-10.6+3

▶NVDwvware/libwmf0.2.8.4

🔴Vulnerability Details

GHSA

GHSA-qwfm-245w-j693: The wmf_malloc function in api↗2022-05-17

▶

OSV

CVE-2016-9011: The wmf_malloc function in api↗2017-03-23

▶

📋Vendor Advisories

Red Hat

libwmf: Memory allocation failure in wmf_malloc↗2016-10-18

▶

Debian

CVE-2016-9011: libwmf - The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to ca...↗2016

▶

💬Community

Bugzilla

CVE-2016-9011 libwmf: Memory allocation failure in wmf_malloc↗2016-10-25

▶

Bugzilla

CVE-2016-9011 libwmf: Memory allocation failure in wmf_malloc [fedora-all]↗2016-10-25

▶