Debian Security Advisory 1796-1 – Tavis Ormandy discovered that the embedded GD library copy in libwmf, a library to parse windows metafiles (WMF), makes use of a pointer after it was already freed. An attacker using a crafted WMF file can cause a denial of service or possibly the execute arbitrary code via applications using this library.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/77355/dsa-1796-1.txt
Source: https://packetstormsecurity.com/files/77355/Debian-Linux-Security-Advisory-1796-1.html