{"id":"CVE-2015-4588","details":"Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted \"run-length count\" in an image in a WMF file.","modified":"2026-04-16T06:18:55.115244613Z","published":"2015-07-01T14:59:10Z","related":["SUSE-SU-2015:1378-1","SUSE-SU-2015:1484-1","openSUSE-SU-2024:10337-1"],"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2015-1917.html"},{"type":"ADVISORY","url":"http://www.debian.org/security/2015/dsa-3302"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2670-1"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201602-03"},{"type":"EVIDENCE","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1227243"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160668.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2015-06/msg00051.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2015-07/msg00018.html"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2015/06/03/6"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2015/06/16/4"},{"type":"WEB","url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/75230"},{"type":"WEB","url":"http://www.securitytracker.com/id/1032771"}],"schema_version":"1.7.5"}