Bug 177239 - [PATCH] CVE-2006-0106: WINE vulnerable to CVE-2005-4560 WMF exploit
[PATCH] CVE-2006-0106: WINE vulnerable to CVE-2005-4560 WMF exploit
Product: Fedora
Classification: Fedora
Component: wine (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Andreas Bierfert
Fedora Extras Quality Assurance
: Security
Depends On:
  Show dependency treegraph
Reported: 2006-01-07 21:09 EST by Kevin Kofler
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-01-08 05:34:12 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Kevin Kofler 2006-01-07 21:09:03 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.0 (like Gecko)

Description of problem:
Wine implements the full WMF API including SETABORTPROC, making it vulnerable   
to the Windows WMF exploit (CVE-2005-4560).  
This has been fixed in WINE CVS (revision 1.12 of wine/dlls/gdi/metafile.c). 
URL: http://it.slashdot.org/comments.pl?sid=173205&cid=14412824 (or you can 
get it directly from WINE CVS). 

Version-Release number of selected component (if applicable):

How reproducible:
Didn't try

Steps to Reproduce:
1. firing up a vulnerable Windows app in WINE and  
2. opening an infected WMF file with it. 

Actual Results:  If what I've read is true, it is vulnerable. 

Expected Results:  Not vulnerable. 

Additional info:
Comment 1 Andreas Bierfert 2006-01-08 05:34:12 EST
Thanks for reporting. Fixed and pushed.
Comment 2 Kevin Kofler 2006-01-21 13:28:52 EST
For future reference: The WINE version of the CVE-2005-4560 vulnerability has 
been dubbed CVE-2006-0106. 

Note You need to log in before you can comment on or make changes to this bug.