Wvware Wv2 vulnerabilities

CVE-2006-3376 [HIGH] CVE-2006-3376: Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) a Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.

CVE-2006-2197 [MEDIUM] CWE-189 CVE-2006-2197: Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary co Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document.