libEMF 1.0.12 libemf.cpp ScaleViewPortExtEx EMF File integer overflow

EntryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, has been found in libEMF 1.0.12. This issue affects the function ScaleViewPortExtEx of the file libemf.cpp. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1017240206/16/2020VulD...cve_nvd_summaryScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 Metafile Library) 1.0.12 allows an integer overflow and denial of service via a crafted EMF file.mitre.org06/16/2020accepted
100
1017240106/16/2020VulD...cve_assigned1591747200mitre.org06/16/2020accepted
100
1017239706/16/2020VulD...cvss3_nvd_aHnist.gov06/16/2020accepted
100
1017239606/16/2020VulD...cvss3_nvd_iNnist.gov06/16/2020accepted
100
1017239506/16/2020VulD...cvss3_nvd_cNnist.gov06/16/2020accepted
100
1017239406/16/2020VulD...cvss3_nvd_sUnist.gov06/16/2020accepted
100
1017239306/16/2020VulD...cvss3_nvd_uiRnist.gov06/16/2020accepted
100
1017239206/16/2020VulD...cvss3_nvd_prNnist.gov06/16/2020accepted
100
1017239106/16/2020VulD...cvss3_nvd_acLnist.gov06/16/2020accepted
100
1017239006/16/2020VulD...cvss3_nvd_avLnist.gov06/16/2020accepted
100
1017237706/16/2020VulD...cvss2_nvd_aiPnist.gov06/16/2020accepted
100
1017237606/16/2020VulD...cvss2_nvd_iiNnist.gov06/16/2020accepted
100
1017237506/16/2020VulD...cvss2_nvd_ciNnist.gov06/16/2020accepted
100
1017237406/16/2020VulD...cvss2_nvd_auNnist.gov06/16/2020accepted
100
1017237306/16/2020VulD...cvss2_nvd_acMnist.gov06/16/2020accepted
100
1017237206/16/2020VulD...cvss2_nvd_avNnist.gov06/16/2020accepted
100
1017236206/16/2020VulD...cwe190 (memory corruption)06/16/2020accepted
100
1017240906/16/2020VulD...cvss3_nvd_basescore5.5nist.gov06/16/2020accepted
90
1017240806/16/2020VulD...cvss3_vuldb_rcXsee CVSS documentation06/16/2020accepted
90
1017240706/16/2020VulD...cvss3_vuldb_rlXsee CVSS documentation06/16/2020accepted
90

Do you know our Splunk app?

Download it now for free!