彙總 wvware 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
歷史漏洞主要涉及 緩衝區溢位、記憶體損壞、拒絕服務與整數處理缺陷 等問題,部分漏洞可能導致 記憶體損壞,並影響 生產負載與軟體部署 相關場景。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2016-9011 | The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (application crash) via a crafted wmf file, which triggers a memory allocation failure. | [email protected] | 5.5 | 2.61% | 2017-03-23 | 2026-06-16 |
| CVE-2015-4696 | Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command. | [email protected] | 4.3 | 6.00% | 2015-07-01 | 2026-06-16 |
| CVE-2015-4695 | meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file. | [email protected] | 5.0 | 6.64% | 2015-07-01 | 2026-06-16 |
| CVE-2015-4588 | Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file. | [email protected] | 6.8 | 9.22% | 2015-07-01 | 2026-06-16 |
| CVE-2015-0848 | Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image. | [email protected] | 6.8 | 8.54% | 2015-07-01 | 2026-06-16 |
| CVE-2006-4513 | Multiple integer overflows in the WV library in wvWare (formerly mswordview) before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word (DOC) file that produces (1) large LFO clfolvl values in the wvGetLFO_records function or (2) a large LFO nolfo value in the wvGetFLO_PLF function. | [email protected] | 5.1 | 3.36% | 2006-10-27 | 2026-06-16 |
| CVE-2006-3376 | Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file. | [email protected] | 7.5 | 7.75% | 2006-07-06 | 2026-06-16 |
| CVE-2006-2197 | Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document. | [email protected] | 6.5 | 2.52% | 2006-06-15 | 2026-06-16 |
| CVE-2004-0645 | Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field. | [email protected] | 10.0 | 8.45% | 2004-08-06 | 2026-06-16 |