CVE-2006-4514
Date: (C)2006-11-30   (M)2023-12-22


Heap-based buffer overflow in the ole_info_read_metabat function in Gnome Structured File library (libgsf) 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large num_metabat value in an OLE document, which causes the ole_init_info function to allocate insufficient memory.

CVSS Score and Metrics

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=446
http://www.securityfocus.com/archive/1/archive/1/454389/30/9210/threaded
20070101-01-P
BID-21358
SECUNIA-23164
SECUNIA-23166
SECUNIA-23167
SECUNIA-23227
SECUNIA-23337
SECUNIA-23352
SECUNIA-23355
SECUNIA-23686
SECUNIA-23920
ADV-2006-4784
DSA-1221
GLSA-200612-13
MDKSA-2006:220
RHSA-2007:0011
SUSE-SA:2006:076
USN-391-1
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
https://issues.rpath.com/browse/RPL-857
libgsf-metabat-bo(30611)

CWE    1
CWE-119

© SecPod Technologies