CVE-2006-4514

Publication date 30 November 2006

Last updated 24 July 2024

Ubuntu priority

Heap-based buffer overflow in the ole_info_read_metabat function in Gnome Structured File library (libgsf) 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large num_metabat value in an OLE document, which causes the ole_init_info function to allocate insufficient memory.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
libgsf	7.04 feisty	Not affected
	6.10 edgy	Fixed 1.14.1-2ubuntu1.1
	6.06 LTS dapper	Fixed 1.13.99-0ubuntu2.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-391-1
libgsf vulnerability
4 December 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2006-4514