Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2007-16
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 14 Mar 2007
 Last revised: 14 Mar 2007

 Package: libwmf

 Summary: libwmf buffer over flow

 More information:
    Libwmf is a library for reading vector images in Microsoft's native windows
    Metafile Format (WMF).

    Multiple vulnerabilities exist in gd graphics library.

 Impact:
    These vulnerabilities may allow remote attackers to execute arbitrary code via a
    malformed wmf file.

 Affected Products:
    - Turbolinux Appliance Server 2.0
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop


 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   libwmf-0.2.8.3-3.src.rpm
      1752652 581255177e63bccd4f8257fb03cba965

   Binary Packages
   Size: MD5

   libwmf-0.2.8.3-3.i586.rpm
      1039856 07a926f0f5442de4ecd3f52f5d664611
   libwmf-devel-0.2.8.3-3.i586.rpm
       184769 44e648d856229c046c8aea05a073979e

 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   libwmf-0.2.8.3-3.src.rpm
      1752652 67dec7f1788a14ffc7467975710cd5e7

   Binary Packages
   Size: MD5

   libwmf-0.2.8.3-3.i686.rpm
      1157840 be859ea68af080d3021337161121bb7d
   libwmf-devel-0.2.8.3-3.i686.rpm
       204694 67496279751d317ec6dfd9539c02d804

 <Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/libwmf-0.2.8.3-3.src.rpm
      1752652 e3cd8f190720e16c1f097d87c7b0974f

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/libwmf-0.2.8.3-3.x86_64.rpm
      1058994 e39518b6f4d988ef58daf35862b37d46
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/libwmf-debug-0.2.8.3-3.x86_64.rpm
       550617 88c2c51171bccab8ee14d80b737c7209
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/libwmf-devel-0.2.8.3-3.x86_64.rpm
       190141 d95bd2c641a38de3a53653570412498b

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/libwmf-0.2.8.3-3.src.rpm
      1752652 947c9838c010177547c7b8b8350e60af

   Binary Packages
   Size: MD5

   libwmf-0.2.8.3-3.i586.rpm
      1039856 07a926f0f5442de4ecd3f52f5d664611
   libwmf-debug-0.2.8.3-3.i586.rpm
       553939 42c3b71475d0cca411ac3f6726894570
   libwmf-devel-0.2.8.3-3.i586.rpm
       184769 44e648d856229c046c8aea05a073979e

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/libwmf-0.2.8.3-3.src.rpm
      1752652 86d6b546304080c390cd5fdded5f8d2c

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libwmf-0.2.8.3-3.i586.rpm
      1040468 0cecc2a097cdeec045f40aae89aeea10


 References:

 CVE
   [CVE-2007-0455]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455
   [CVE-2006-3376]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376
   [CVE-2004-0941]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0941
   [CVE-2004-0990]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0990

 --------------------------------------------------------------------------
 Revision History
    14 Mar 2007 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2007 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFF93MYK0LzjOqIJMwRApNOAKC+Tx1hym6+6JqyjHUJGITrAxKhvQCgtcOL
RoLZ9ONmHySFO2/3fgwT2kU=
=+Mdw
-----END PGP SIGNATURE-----




© 1998-2024 E-Soft Inc. All rights reserved.