View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2006-3376 severity moderate: SUSE including 23 source package names (libwmf, libwmf-0.2.8.4-206.27.4, …), 38 product×package rows across 9 product lines (SUSE Linux Enterprise Module for Package Hub 15 SP5, SUSE Linux Enterprise Server 16.0, … (9 product lines)): Fixed 19, Known Not Affected 19.
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.