libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access.
References
Link | Resource |
---|---|
https://sourceforge.net/p/libemf/news/2020/05/re-release-of-libemf-1012/ | Patch Release Notes Third Party Advisory |
https://sourceforge.net/p/libemf/code/commit_browser | Third Party Advisory |
https://sourceforge.net/p/libemf/mailman/libemf-devel/ | Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DFYDSKWFM2R5NKZOO2IN6X7SM3T2PWL/ | Mailing List Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00036.html | Third Party Advisory |
Information
Published : 2020-05-11 09:15
Updated : 2022-10-06 17:52
NVD link : CVE-2020-11865
Mitre link : CVE-2020-11865
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
libemf_project
- libemf
fedoraproject
- fedora
opensuse
- leap