[Wine] Wine and the WMF exploit

ap2003 at libero.it ap2003 at libero.it
Mon Jan 9 15:13:19 CST 2006

There are rumors [1] about Wine suffering from the same WMF vulnerability [2] recently discovered and fixed in Windows systems.

By looking at recent commits, I understand this is probably fixed in CVS, but does anyone have more information?

1) Is a Microsoft-free system theoretically vulnerable? If I use Wine on GNU/Linux (no native Windows DLLs) to run a .exe image viewer and open a malicious WMF file with it, am I -in theory- vulnerable?

2) If yes, how big is the gap between theory and practice? Can I expect to find exploits in the real world, as it already happens for Windows?

3) What would be at stake if I run a vulnerable Wine version? Wine's fake Windows drive? My entire GNU/Linux home directory?


Thank you for your answer,

More information about the wine-users mailing list