Wvware

wvware

9 CVEs • 3 products

Products (3)

Click to collapse

Toggle

CVEs (9)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-9011 1Wvware 1Libwmf May 13, 2026 Mar 23, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (application crash) via a crafted wmf file, which triggers a memory allocation failure.
CVE-2015-4696 1Wvware 1Libwmf May 6, 2026 Jul 1, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command.
CVE-2015-4695 1Wvware 1Libwmf May 6, 2026 Jul 1, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.
CVE-2015-4588 3Fedoraproject OpensuseWvware 3Fedora LibwmfOpensuse May 6, 2026 Jul 1, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a W...Show more Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.Show less
CVE-2015-0848 3Fedoraproject OpensuseWvware 3Fedora LibwmfOpensuse May 6, 2026 Jul 1, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.
CVE-2006-4513 1Wvware 1Wvware Apr 23, 2026 Oct 28, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Multiple integer overflows in the WV library in wvWare (formerly mswordview) before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a craf...Show more Multiple integer overflows in the WV library in wvWare (formerly mswordview) before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word (DOC) file that produces (1) large LFO clfolvl values in the wvGetLFO_records function or (2) a large LFO nolfo value in the wvGetFLO_PLF function.Show less
CVE-2006-3376 1Wvware 2Libwmf Wv2 Apr 16, 2026 Jul 6, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via th...Show more Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.Show less
CVE-2006-2197 1Wvware 1Wv2 Apr 16, 2026 Jun 15, 2006 N/A· v4 N/A· v3 6.5 MEDIUM· v2 Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document.
CVE-2004-0645 2Abisource Wvware 2Community Abiword Wvware Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field.