FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libwmf -- embedded GD library Use-After-Free vulnerability

Affected packages
libwmf <


VuXML ID 6a245f31-4254-11de-b67a-0030843d3802
Discovery 2009-05-05
Entry 2009-05-16

Secunia reports:

A vulnerability has been reported in libwmf, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.

The vulnerability is caused due to a use-after-free error within the embedded GD library, which can be exploited to cause a crash or potentially to execute arbitrary code via a specially crafted WMF file.


Bugtraq ID 34792
CVE Name CVE-2009-1364