Debian Security Advisory
DLA-253-1 libwmf -- LTS security update
- Date Reported:
- 26 Jun 2015
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2015-0848, CVE-2015-4588.
- More information:
The following vulnerabilities were discovered in the Windows Metafile conversion library when reading BMP images embedded into WMF files:
A heap overflow when decoding embedded BMP images that don't use 8 bits per pixel.
A missing check in the RLE decoding of embedded BMP images.
We recommend that you update your libwmf packages.