Tavis Ormandy discovered that the embedded GD library copy in libwmf, a library to parse windows metafiles (WMF), makes use of a pointer after it was already freed. <excerpt>An attacker using a crafted WMF file can cause a denial of service or possibly the execute arbitrary code via applications using this library<excerpt>.

-</p>

Make your website safer. Use external penetration testing (http://www.beyondsecurity.com/penetration-testing.html) service. First report ready in one hour!</p>

**Hidden Content: Check the thread to see hidden data.**