[Security-team] [Fwd: [SA20921] libwmf Integer Overflow Vulnerability]
Michael Shigorin
=?iso-8859-1?q?mike_=CE=C1_osdn=2Eorg=2Eua?=
Пн Июл 10 21:32:07 MSD 2006
On Sat, Jul 08, 2006 at 08:28:33PM +1300, Alexey Borovskoy wrote:
> The vulnerability has been reported in version 0.2.8.4. Other
> versions may also be affected.
> SOLUTION: Do not open untrusted WMF files in applications using
> the vulnerable library.
Unpatched, вендорских фиксов пока не видел. Слабо.
--
---- WBR, Michael Shigorin <mike на altlinux.ru>
------ Linux.Kiev http://www.linux.kiev.ua/
Подробная информация о списке рассылки Security-team