Wine: Windows Metafile SETABORTPROC vulnerability — GLSA 200601-09

There is a flaw in Wine in the handling of Windows Metafiles (WMF) files, which could possibly result in the execution of arbitrary code.

Affected Packages

app-emulation/wine on all architectures
Affected versions < 20060000, > 20040000
Unaffected versions >= 0.9

Background

Wine is a free implementation of Windows APIs for Unix-like systems.

Description

H D Moore discovered that Wine implements the insecure-by-design SETABORTPROC GDI Escape function for Windows Metafile (WMF) files.

Impact

An attacker could entice a user to open a specially crafted Windows Metafile (WMF) file from within a Wine executed Windows application, possibly resulting in the execution of arbitrary code with the rights of the user running Wine.

Workaround

There is no known workaround at this time.

Resolution

All Wine users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-emulation/wine-0.9.0"

References

Release Date
January 13, 2006

Latest Revision
February 26, 2007: 03

Severity
normal

Exploitable
remote

Bugzilla entries