libEMF 1.0.12 libemf.cpp ScaleViewPortExtEx EMF File integer overflow

EntryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, has been found in libEMF 1.0.12. This issue affects the function ScaleViewPortExtEx of the file libemf.cpp. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1017240206/16/2020VulD...cve_nvd_summaryScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 Metafile Library) 1.0.12 allows an integer overflow and denial of service via a crafted EMF file.mitre.org06/16/2020accepted100
1017240106/16/2020VulD...cve_assigned1591747200mitre.org06/16/2020accepted100
1017239706/16/2020VulD...cvss3_nvd_aHnist.gov06/16/2020accepted100
1017239606/16/2020VulD...cvss3_nvd_iNnist.gov06/16/2020accepted100
1017239506/16/2020VulD...cvss3_nvd_cNnist.gov06/16/2020accepted100
1017239406/16/2020VulD...cvss3_nvd_sUnist.gov06/16/2020accepted100
1017239306/16/2020VulD...cvss3_nvd_uiRnist.gov06/16/2020accepted100
1017239206/16/2020VulD...cvss3_nvd_prNnist.gov06/16/2020accepted100
1017239106/16/2020VulD...cvss3_nvd_acLnist.gov06/16/2020accepted100
1017239006/16/2020VulD...cvss3_nvd_avLnist.gov06/16/2020accepted100
1017237706/16/2020VulD...cvss2_nvd_aiPnist.gov06/16/2020accepted100
1017237606/16/2020VulD...cvss2_nvd_iiNnist.gov06/16/2020accepted100
1017237506/16/2020VulD...cvss2_nvd_ciNnist.gov06/16/2020accepted100
1017237406/16/2020VulD...cvss2_nvd_auNnist.gov06/16/2020accepted100
1017237306/16/2020VulD...cvss2_nvd_acMnist.gov06/16/2020accepted100
1017237206/16/2020VulD...cvss2_nvd_avNnist.gov06/16/2020accepted100
1017236206/16/2020VulD...cwe190 (memory corruption)06/16/2020accepted100
1017240906/16/2020VulD...cvss3_nvd_basescore5.5nist.gov06/16/2020accepted90
1017240806/16/2020VulD...cvss3_vuldb_rcX06/16/2020accepted90
1017240706/16/2020VulD...cvss3_vuldb_rlX06/16/2020accepted90

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!