Vulnerability Bulletins

int(2121)

Vulnerability Bulletins

Ejecución remota de código en Wine al procesar ficheros Windows Metafile (WMF)
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Obtener acceso
Dificulty	Experto
Required attacker level	Acceso remoto sin cuenta a un servicio exotico
System information
Property	Value
Affected manufacturer	GNU/Linux
Affected software	Wine
Description
Se ha descubierto una vulnerabilidad en Wine. La vulnerabilidad reside en que Wine implementa la función de escape SETABORTPROC GDI para ficheros Windows Metafile (WMF). La explotación de esta vulnerabilidad podría permitir a un atacante remoto ejecutar código arbitrario mediante un archivo WMF especialmente diseñado que la víctima debe visualizar. El código se ejecutaría con los privilegios del usuario que ejecuta Wine. Esta vulnerabilidad es la misma descrita en ALTAIR-512-02085 pero en el código de Wine.
Solution
Actualización de software Mandriva Corporate Server 3.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libwine1-20040213-3.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libwine1-capi-20040213-3.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libwine1-devel-20040213-3.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libwine1-twain-20040213-3.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/wine-20040213-3.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/wine-utils-20040213-3.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/wine-20040213-3.1.C30mdk.src.rpm Mandrivalinux 2006 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/libwine1-20050725-6.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/libwine1-capi-20050725-6.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/libwine1-devel-20050725-6.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/libwine1-twain-20050725-6.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/wine-20050725-6.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/wine-20050725-6.1.20060mdk.src.rpm SUSE Linux Actualizar mediante YaST Online Update Debian Linux Debian Linux 3.1 Source http://security.debian.org/pool/updates/main/w/wine/wine_0.0.20050310-1.2.dsc http://security.debian.org/pool/updates/main/w/wine/wine_0.0.20050310-1.2.diff.gz http://security.debian.org/pool/updates/main/w/wine/wine_0.0.20050310.orig.tar.gz Architecture independent components http://security.debian.org/pool/updates/main/w/wine/wine-doc_0.0.20050310-1.2_all.deb Intel IA-32 http://security.debian.org/pool/updates/main/w/wine/libwine_0.0.20050310-1.2_i386.deb http://security.debian.org/pool/updates/main/w/wine/libwine-alsa_0.0.20050310-1.2_i386.deb http://security.debian.org/pool/updates/main/w/wine/libwine-arts_0.0.20050310-1.2_i386.deb http://security.debian.org/pool/updates/main/w/wine/libwine-capi_0.0.20050310-1.2_i386.deb http://security.debian.org/pool/updates/main/w/wine/libwine-dev_0.0.20050310-1.2_i386.deb http://security.debian.org/pool/updates/main/w/wine/libwine-jack_0.0.20050310-1.2_i386.deb http://security.debian.org/pool/updates/main/w/wine/libwine-nas_0.0.20050310-1.2_i386.deb http://security.debian.org/pool/updates/main/w/wine/libwine-print_0.0.20050310-1.2_i386.deb http://security.debian.org/pool/updates/main/w/wine/libwine-twain_0.0.20050310-1.2_i386.deb http://security.debian.org/pool/updates/main/w/wine/wine_0.0.20050310-1.2_i386.deb http://security.debian.org/pool/updates/main/w/wine/wine-utils_0.0.20050310-1.2_i386.deb
Standar resources
Property	Value
CVE	CVE-2006-0106
BID
Other resources
Mandriva Security Advisory (MDKSA-2006:014) http://www.mandriva.com/security/advisories?name=MDKSA-2006:014 SUSE Security Summary Report SUSE-SR:2006:002 http://www.novell.com/linux/security/advisories/2006_02_sr.html Debian Security Advisory DSA 954-1 http://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00027.html

Version history
Version	Comments	Date
1.0	Aviso emitido	2006-01-17
1.1	Aviso emitido por SUSE (SUSE-SR:2006:002)	2006-01-24
1.2	Aviso emitido por Debian (DSA 954-1)	2006-01-25

Vulnerability Bulletins

Ejecución remota de código en Wine al procesar ficheros Windows Metafile (WMF)

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history