CVE-2016-9011

Priority
Description
The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers
to cause a denial of service (application crash) via a crafted wmf file,
which triggers a memory allocation failure.
Notes
leosilvadebian fixed that with the debian proposed patch.
Package
Upstream:released (0.2.8.4-10.6)
Ubuntu 18.04 LTS:not-affected (0.2.8.4-12)
Ubuntu 20.04 LTS:not-affected (0.2.8.4-12)
Ubuntu 21.10:not-affected (0.2.8.4-12)
Ubuntu 16.04 ESM:needed
Ubuntu 22.04 LTS:not-affected (0.2.8.4-12)
Ubuntu 14.04 ESM:DNE (trusty was needed)
Patches:
More Information

Updated: 2022-04-25 00:18:12 UTC (commit ecc1009cb19540b950de59270950018900f37f15)