cpe:/a:wvware:libwmf:0.2.8.4 CVE-2016-9011 2017-03-23T14:59:00.317-04:00 2017-03-27T11:51:18.163-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov 2017-03-26T15:30:53.283-04:00 BID 93860 MLIST [oss-security] 20161025 Re: libwmf: memory allocation failure in wmf_malloc (api.c) MISC https://blogs.gentoo.org/ago/2016/10/18/libwmf-memory-allocation-failure-in-wmf_malloc-api-c CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1388450 The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (application crash) via a crafted wmf file, which triggers a memory allocation failure.