Severity Critical
Remote Yes
Type Arbitrary code execution
Integer overflow in player.c in libwmf, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.
Group Package Affected Fixed Severity Status Ticket
AVG-16 libwmf Critical Fixed FS#49162
Date Advisory Group Package Severity Description
01 Jan 2017 ASA-201701-1 AVG-16 libwmf Critical multiple issues