Back to search
CVE-2006-4514
Published: Nov 30, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Heap-based buffer overflow in the ole_info_read_metabat function in Gnome Structured File library (libgsf) 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large num_metabat value in an OLE document, which causes the ole_init_info function to allocate insufficient memory.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://issues.rpath.com/browse/RPL-857
x_refsource_CONFIRM
RHSA-2007:0011
vendor-advisory
x_refsource_REDHAT
23167
third-party-advisory
x_refsource_SECUNIA
23920
third-party-advisory
x_refsource_SECUNIA
23352
third-party-advisory
x_refsource_SECUNIA
GLSA-200612-13
vendor-advisory
x_refsource_GENTOO
USN-391-1
vendor-advisory
x_refsource_UBUNTU
23227
third-party-advisory
x_refsource_SECUNIA
21358
vdb-entry
x_refsource_BID
MDKSA-2006:220
vendor-advisory
x_refsource_MANDRIVA
20061130 Multiple Vendor libgsf Heap Overflow Vulnerability
third-party-advisory
x_refsource_IDEFENSE
libgsf-metabat-bo(30611)
vdb-entry
x_refsource_XF
ADV-2006-4784
vdb-entry
x_refsource_VUPEN
SUSE-SA:2006:076
vendor-advisory
x_refsource_SUSE
20061214 rPSA-2006-0232-1 libgsf
mailing-list
x_refsource_BUGTRAQ
23166
third-party-advisory
x_refsource_SECUNIA
23337
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:9413
vdb-entry
signature
x_refsource_OVAL
23355
third-party-advisory
x_refsource_SECUNIA
DSA-1221
vendor-advisory
x_refsource_DEBIAN
23164
third-party-advisory
x_refsource_SECUNIA
23686
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now