CVE-2006-4514 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-4514
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4514

Description: Heap-based buffer overflow in the ole_info_read_metabat function in Gnome Structured File library (libgsf) 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large num_metabat value in an OLE document, which causes the ole_init_info function to allocate insufficient memory.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/30611 UBUNTU http://www.ubuntu.com/usn/usn-391-1 SUSE http://lists.suse.com/archive/suse-security-announce/2006-Dec/0005.html SGI SAID Secunia Advisory: SA23337 Secunia Advisory: SA23355 Secunia Advisory: SA23164 Secunia Advisory: SA23166 Secunia Advisory: SA23167 Secunia Advisory: SA23227 Secunia Advisory: SA23352 Secunia Advisory: SA23686 Secunia Advisory: SA23920 REDHAT http://rhn.redhat.com/errata/RHSA-2007-0011.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:220 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=446 GENTOO http://security.gentoo.org/glsa/glsa-200612-13.xml DEBIAN http://www.debian.org/security/2006/dsa-1221 CONFIRM BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/454389/30/9210/threaded BID 21358

Return to the previous page.