Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2).
AnalysisAI
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.
Technical ContextAI
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2). Affected products include: Libemf Project Libemf, Fedoraproject Fedora, Opensuse Leap. Version information: through 1.0.11.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free. Rated high severity (CVSS 7.8), this vuln
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access. Rated high severity (CVSS 7.8)
ScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 Metafile Library) 1.0.12 allows an integer overflow and denial
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2). Rated medium severity (CV
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today