Bugzilla – Bug 1173070
VUL-0: CVE-2020-13999: libEMF: integer overflow and denial of service in ScaleViewPortExtEx
Last modified: 2021-11-16 10:45:10 UTC
ScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 Metafile Library)
1.0.12 allows an integer overflow and denial of service via a crafted EMF file.
tracking both SUSE:SLE-12:Update and SUSE:SLE-15:Update as affected.
maybe it makes sense to include the sanity check, that x_num, x_den, y_num, y_den are not 0, into the diff.