208 matches found
Microsoft Word WPD Remote Code Execution (MS13-091; CVE-2013-1324; CVE-2013-1325)
A remote code execution vulnerability exists in the way that affected Microsoft Office software parses WordPerfect files. The vulnerability is caused when Microsoft Office does not properly process a specially crafted WordPerfect file. Exploitation of this vulnerability requires a user to open a...
WPD files
WordPerfect documents have common file extensions ".WP" and ".WPD", which is used by Corel's proprietary word processing application, WordPerfect. Its popularity was based on the fact that it had been available for a wide variety of computers and operation systems, including Mac OS, Linux, and...
Corel WordPerfect Document Processing Buffer Overflow (CVE-2012-4900)
A heap memory corruption vulnerability has been reported in Corel WordPerfect...
Untrusted Pointer Dereference Vulnerability in Corel WordPerfect X6
Advisory ID: HTB23114 Product: Corel WordPerfect X6 Standard Edition Vendor: Corel Corporation Vulnerable Versions: 16.0.0.388, other versions may be also affected Tested Version: 16.0.0.388 on Windows 7 SP1 32 bits Vendor Notification: September 12, 2012 Public Disclosure: March 7, 2013...
Corel WordPerfect uninitialized pointer dereference
User-controlled pointer dereferences on WPD parsing...
Corel WordPerfect X6 Standard Edition Untrusted Pointer Dereference
Advisory ID: HTB23114 Product: Corel WordPerfect X6 Standard Edition Vendor: Corel Corporation Vulnerable Versions: 16.0.0.388, other versions may be also affected Tested Version: 16.0.0.388 on Windows 7 SP1 32 bits Vendor Notification: September 12, 2012 Public Disclosure: March 7, 2013...
Oracle Outside In WordPerfect File Processing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable products utilizing the Oracle Outside In technology. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
Untrusted Pointer Dereference Vulnerability in Corel WordPerfect X6
High-Tech Bridge Security Research Lab discovered an untrusted pointer dereference vulnerability in Corel WordPerfect. Opening of a malicious WPD WordPerfect Document causes immediate application crash, resulting in a loss of all unsaved current application data of the user. 1 Untrusted Pointer...
Scientific Linux Security Update : libwpd on SL5.x i386/x86_64 (20120626)
libwpd is a library for reading and converting Corel WordPerfect Office documents. A buffer overflow flaw was found in the way libwpd processed certain Corel WordPerfect Office documents .wpd files. An attacker could provide a specially crafted .wpd file that, when opened in an application linked...
RHEL 5 : libwpd (RHSA-2012:1043)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1043 advisory. - libwpd: Memory overwrite flaw by processing certain WordPerfect WPD documents CVE-2012-2149 Note that Nessus has not tested for this issue but has...
libwpd security update
CentOS Errata and Security Advisory CESA-2012:1043 Updated libwpd packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base...
Important: Red Hat Security Advisory: libwpd security update
Updated libwpd packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
libwpd: Memory overwrite flaw by processing certain WordPerfect (WPD) documents
The WPXContentListener::closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org OOo before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report th...
CVE-2012-2149
The WPXContentListener::closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org OOo before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report th...
CVE-2012-2149
The WPXContentListener::closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org OOo before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report th...
DEBIAN-CVE-2012-2149
The WPXContentListener::closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org OOo before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report th...
CVE-2012-2149
The WPXContentListener::closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org OOo before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report th...
Integer overflow
The WPXContentListener::closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org OOo before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report th...
CVE-2012-2149
CVE-2012-2149 affects the libwpd library (used by OpenOffice.org prior to 3.4). The vulnerability stems from a memory corruption risk in WPXContentListener::_closeTableRow (reported as a negative array index or integer overflow), allowing remote code execution via crafted WordPerfect .WPD documen...
CVE-2012-2149
The WPXContentListener::closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org OOo before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report th...