CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9754 matches found

OSV•added 2005/10/23 10:2 a.m.•2 views

DEBIAN-CVE-2005-2972

Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the 1 ParseLevelText, 2 getCharsInsideBrace, 3 HandleLists, 4 or 5 HandleAbiLis...

5.1CVSS8.2AI score0.02704EPSS

Exploits1References1

NVD•added 2005/10/23 10:2 a.m.•10 views

CVE-2005-2972

5.1CVSS7.3AI score0.02704EPSS

Exploits1References14

Cvelist•added 2005/10/23 4:0 a.m.•17 views

CVE-2005-2972

7.3AI score0.02704EPSS

Exploits1References14

Debian CVE•added 2005/10/23 4:0 a.m.•22 views

CVE-2005-2972

5.1CVSS7.4AI score0.02704EPSS

Exploits1

Tenable Nessus•added 2005/10/19 12:0 a.m.•26 views

GLSA-200510-12 : KOffice, KWord: RTF import buffer overflow

The remote host is affected by the vulnerability described in GLSA-200510-12 KOffice, KWord: RTF import buffer overflow Chris Evans discovered that the KWord RTF importer was vulnerable to a heap-based buffer overflow. Impact : An attacker could entice a user to open a specially crafted RTF file,...

7.5CVSS6.3AI score0.06519EPSS

Exploits1References3

Ubuntu•added 2005/10/13 11:51 p.m.•38 views

USN-203-1: Abiword vulnerabilities

Chris Evans discovered several buffer overflows in the RTF import module of AbiWord. By tricking a user into opening an RTF file with specially crafted long identifiers, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user...

5.1CVSS5.8AI score0.02704EPSS

Exploits1

Tenable Nessus•added 2005/10/11 12:0 a.m.•24 views

GLSA-200510-06 : Dia: Arbitrary code execution through SVG import

The remote host is affected by the vulnerability described in GLSA-200510-06 Dia: Arbitrary code execution through SVG import Joxean Koret discovered that the SVG import plugin in Dia fails to properly sanitise data read from an SVG file. Impact : An attacker could create a specially crafted SVG...

5.1CVSS6.3AI score0.02533EPSS

Exploits1References2

Tenable Nessus•added 2005/10/11 12:0 a.m.•19 views

Debian DSA-847-1 : dia - missing input sanitising

Joxean Koret discovered that the Python SVG import plugin in dia, a vector-oriented diagram editor, does not properly sanitise data read from an SVG file and is hence vulnerable to execute arbitrary Python code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

5.1CVSS5.8AI score0.02533EPSS

Exploits1References3

OSV•added 2005/10/08 12:0 a.m.•13 views

DSA-847-1 dia - missing input sanitising

Bulletin has no description...

5.1CVSS6.3AI score0.02533EPSS

Exploits1

Gentoo Linux•added 2005/10/06 12:0 a.m.•20 views

Dia: Arbitrary code execution through SVG import

Background Dia is a gtk+ based diagram creation program released under the GPL license. Description Joxean Koret discovered that the SVG import plugin in Dia fails to properly sanitise data read from an SVG file. Impact An attacker could create a specially crafted SVG file, which, when imported...

5.1CVSS6.5AI score0.02533EPSS

Exploits1

UbuntuCve•added 2005/10/05 9:2 p.m.•12 views

CVE-2005-2966

The Python SVG import plugin diasvgimport.py for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file...

5.1CVSS6.1AI score0.02533EPSS

Exploits1References2

OSV•added 2005/10/05 9:2 p.m.•1 views

DEBIAN-CVE-2005-2966

The Python SVG import plugin diasvgimport.py for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file...

5.1CVSS7.5AI score0.02533EPSS

Exploits1References1

NVD•added 2005/10/05 9:2 p.m.•11 views

CVE-2005-2966

The Python SVG import plugin diasvgimport.py for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file...

5.1CVSS7.1AI score0.02533EPSS

Exploits1References13

CVE•added 2005/10/05 4:0 a.m.•64 views

CVE-2005-2966

CVE-2005-2966 concerns the Python SVG import plugin in dia (diasvg_import.py) affecting DIA 0.94 and earlier. A crafted SVG file could allow user‑assisted attackers to execute arbitrary Python code via the xfig/svg import path. Debian/DSA-847-1 and related advisories document three buffer‑overflo...

5.1CVSS7AI score0.02533EPSS

Exploits1References13Affected Software1

Ubuntu•added 2005/09/29 7:54 p.m.•40 views

USN-188-1: AbiWord vulnerability

Chris Evans discovered a buffer overflow in the RTF import module of AbiWord. By tricking a user into opening an RTF file with specially crafted long identifiers, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user...

7.5CVSS5.7AI score0.02076EPSS

Exploits0

securityvulns•added 2005/09/29 12:0 a.m.•39 views

[Full-disclosure] [USN-188-1] AbiWord vulnerability

=========================================================== Ubuntu Security Notice USN-188-1 September 29, 2005 abiword vulnerability CAN-2005-2964 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 Warty Warthog Ubuntu...

7.5CVSS0.2AI score0.02076EPSS

Exploits0

OSV•added 2005/09/28 9:3 p.m.•1 views

DEBIAN-CVE-2005-2964

Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism...

7.5CVSS8AI score0.02076EPSS

Exploits0References1

OSV•added 2005/09/28 9:3 p.m.•6 views

CVE-2005-2964

Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism...

7.7AI score

Exploits0References17