wv2 -- Integer Overflow Vulnerability

2006-06-12T00:00:00
ID B9044CC2-8AA5-11DB-BD0D-00123FFE8333
Type freebsd
Reporter FreeBSD
Modified 2006-06-12T00:00:00

Description

Secunia reports:

A vulnerability has been reported in wvWare wv2 Library, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to an integer overflow error in "word_helper.h" when handling a Word document. This can be exploited to cause a buffer overflow and may allow arbitrary code execution via a specially crafted Word document.