Jump to content

Advisories (MDKSA-2006:114 ): libwmf


Recommended Posts

Mandriva Advisories MDKSA-2006:114 : libwmf


Updated libwmf packages fixes embedded GD vulnerability

June 27th, 2006


Integer overflows were reported in the GD Graphics Library (libgd)


2.0.28, and possibly other versions. These overflows allow remote


attackers tocause a denial of service and possibly execute arbitrary


code via PNG image files with large image rows values that lead to a


heap-based buffer overflow in the gdImageCreateFromPngCtx() function.


Libwmf contains an embedded copy of the GD library code. (CAN-2004-0941)




Updated packages have been patched to address this issue.



The released versions of Mandriva GNU/Linux affected are:

  • CS3.0
  • 10.2
  • 2006.0

Full information about this advisory, including the updated packages, is available at:



Other references:



Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)

Link to comment
Share on other sites


  • Create New...