106 matches found
Deserialization of untrusted data
UnRTF allows remote attackers to cause a denial of service crash and possibly execute arbitrary code as demonstrated by a file containing the string "\cb-999999999"...
CVE-2014-9275
UnRTF allows remote attackers to cause a denial of service out-of-bounds memory access and crash and possibly execute arbitrary code via a crafted RTF file...
CVE-2014-9274
UnRTF allows remote attackers to cause a denial of service crash and possibly execute arbitrary code as demonstrated by a file containing the string "\cb-999999999"...
CVE-2014-9275
UnRTF contains CVEs CVE-2014-9274 and CVE-2014-9275. The issues allow remote attackers to cause denial of service (crash/out-of-bounds access) and potentially execute arbitrary code via crafted RTF files. Affected software is UnRTF (RTF converter); root causes involve memory access/crashes descri...
CVE-2014-9274
UnRTF allows remote attackers to cause a denial of service crash and possibly execute arbitrary code as demonstrated by a file containing the string "\cb-999999999"...
CVE-2014-9275
UnRTF allows remote attackers to cause a denial of service out-of-bounds memory access and crash and possibly execute arbitrary code via a crafted RTF file...
CVE-2014-9274
UnRTF (a command-line RTF converter) is affected by CVE-2014-9274 and CVE-2014-9275. The issues include out-of-bounds memory accesses and other crashes that could lead to denial of service or, potentially, arbitrary code execution when processing crafted RTF files (e.g., malformed color tables). ...
CVE-2014-9275
UnRTF allows remote attackers to cause a denial of service out-of-bounds memory access and crash and possibly execute arbitrary code via a crafted RTF file...
CVE-2014-9274
UnRTF allows remote attackers to cause a denial of service crash and possibly execute arbitrary code as demonstrated by a file containing the string "\cb-999999999"...
Gentoo Security Advisory GLSA 200501-15 (app-text/unrtf)
The remote host is missing updates announced in advisory GLSA 200501-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200501-15 (app-text/unrtf)
The remote host is missing updates announced in advisory GLSA 200501-15. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD Ports: unrtf
The remote host is missing an update to the system as announced in the referenced advisory. VID f2d5e56e-67eb-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: unrtf
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD : unrtf -- buffer overflow vulnerability (f2d5e56e-67eb-11d9-a9e7-0001020eed82)
Yosef Klein and Limin Wang have found a buffer overflow vulnerability in unrtf that can allow an attacker to execute arbitrary code with the permissions of the user running unrtf, by running unrtf on a specially crafted rtf document. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
GLSA-200501-15 : UnRTF: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200501-15 UnRTF: Buffer overflow An unchecked strcat in unrtf may overflow the bounds of a static buffer. Impact : Using a specially crafted file, possibly delivered by e-mail or over the web, an attacker may execute arbitrary cod...
CVE-2004-1297
Buffer overflow in the processfonttable function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file...
CVE-2004-1297
Buffer overflow in the processfonttable function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file...
CVE-2004-1297
Buffer overflow in the processfonttable function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file...
DEBIAN-CVE-2004-1297
Buffer overflow in the processfonttable function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file...
UnRTF: Buffer overflow
Background UnRTF is a utility to convert files in the Rich Text Format into other formats. Description An unchecked strcat in unrtf may overflow the bounds of a static buffer. Impact Using a specially crafted file, possibly delivered by e-mail or over the web, an attacker may execute arbitrary co...