[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2006-4514

Date: (C)2006-11-30   (M)2017-10-12
 
CVSS Score: 7.5Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Heap-based buffer overflow in the ole_info_read_metabat function in Gnome Structured File library (libgsf) 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large num_metabat value in an OLE document, which causes the ole_init_info function to allocate insufficient memory.

Reference:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=446
http://www.securityfocus.com/archive/1/archive/1/454389/30/9210/threaded
20070101-01-P
BID-21358
SECUNIA-23164
SECUNIA-23166
SECUNIA-23167
SECUNIA-23227
SECUNIA-23337
SECUNIA-23352
SECUNIA-23355
SECUNIA-23686
SECUNIA-23920
ADV-2006-4784
DSA-1221
GLSA-200612-13
MDKSA-2006:220
RHSA-2007:0011
SUSE-SA:2006:076
USN-391-1
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
https://issues.rpath.com/browse/RPL-857
libgsf-metabat-bo(30611)

CWE    1
CWE-119

© 2013 SecPod Technologies