SUSE-SA:2007:023: OpenOffice_org,libwpd

The remote host is missing the patch for the advisory SUSE-SA:2007:023 OpenOfficeorg,libwpd. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This plugin text was extracted from SuSE Security Advisory SUSE-SA:2007:023 if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

RHEL 5 : libwpd (RHSA-2007:0055)

Updated libwpd packages to correct a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. libwpd is a library for reading and converting Word Perfect documents. iDefense reported...

GLSA-200704-07 : libwpd: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200704-07 libwpd: Multiple vulnerabilities libwpd contains heap-based overflows in two functions that convert WordPerfect document tables. In addition, it contains an integer overflow in a text-conversion function. Impact : An...

Slackware 10.2 / 11.0 / current : libwpd (SSA:2007-085-02)

New libwpd packages are available for Slackware 10.2, 11.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2007-085-02. The text itself is copyright C...

LibWPD库多个缓冲区溢出漏洞

libwpd是一款用于读取和转换Word Perfect文档的函数库。 libwpd处理畸形文档存在漏洞，远程攻击者可利用漏洞以应用程序进程权限执行任意指令。 第一个问题存在于WP6GeneralTextPacket::readContents函数中，此函数读取一系列整数值然后相加，加的结果用于从堆中分配内存块。函数然后使用加法得到的operand作为拷贝数据字节大小，从文件中拷贝数据到缓冲区，不过求和操作可能导致整数溢出，在拷贝操作中溢出缓冲区。 另外问题是WP3TablesGroup::readContents和...

[slackware-security] libwpd

New libwpd packages are available for Slackware 10.2, 11.0, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2007-002 Here are the details from the Slackware 11.0 ChangeLog:...

Fedora Core 5 : libwpd-0.8.9-1.fc5 (2007-350)

CVE-2007-0002 buffer overflows in wordperfect document parsing Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora Core 6 : libwpd-0.8.9-1.fc6 (2007-351)

CVE-2007-0002 buffer overflows in wordperfect document parsing Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Important: Red Hat Security Advisory: openoffice.org security update

Updated openoffice.org packages to correct security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop application...

security flaw

Integer overflow in the WP6GeneralTextPacket::readContents function in WordPerfect Document importer/exporter libwpd before 0.8.9 allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted WordPerfect file, a different...

USN-437-1: libwpd vulnerability

Sean Larsson of iDefense Labs discovered that libwpd was vulnerable to integer overflows. If a user were tricked into opening a specially crafted WordPerfect document with an application that used libwpd, an attacker could execute arbitrary code with user privileges...

Mandrake Linux Security Advisory : libwpd (MDKSA-2007:063)

iDefense reported several overflow bugs in libwpd. An attacker could create a carefully crafted Word Perfect file that could cause an application linked with libwpd, such as OpenOffice, to crash or possibly execute arbitrary code if the file was opened by a victim. Updated packages have been...

Debian DSA-1268-1 : libwpd - integer overflow

iDefense reported several integer overflow bugs in libwpd, a library for handling WordPerfect documents. Attackers were able to exploit these with carefully crafted Word Perfect files that could cause an application linked with libwpd to crash or possibly execute arbitrary code. %NASLMINLEVEL 703...

[SECURITY] [DSA 1268-1] New libwpd packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1268-1 [email protected] http://www.debian.org/security/ Martin Schulze March 17th, 2007 http://www.debian.org/security/faq -...

libwpd /OpenOffice / AbiWord multiple security vulnerabilities

Multiple buffer overflows on Word Perfect documents parsing...

iDefense Security Advisory 03.16.07: Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities

Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities iDefense Security Advisory 03.16.07 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 16, 2007 I. BACKGROUND libwpd is a C++ library used to decode and encode word perfect documents. It is commonly used as a plug-in in word...

DSA-1268-1 libwpd - integer overflow

Bulletin has no description...

CVE-2007-1466

Integer overflow in the WP6GeneralTextPacket::readContents function in WordPerfect Document importer/exporter libwpd before 0.8.9 allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted WordPerfect file, a different...

Integer overflow

Integer overflow in the WP6GeneralTextPacket::readContents function in WordPerfect Document importer/exporter libwpd before 0.8.9 allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted WordPerfect file, a different...

CVE-2007-0002

The CVE-2007-0002 issue is a heap-based buffer overflow in libwpd (WordPerfect Document importer/exporter) used by OpenOffice.org/OpenOffice.org-derived apps. A crafted WordPerfect file could trigger a crash or arbitrary code execution due to improper handling in WP3TablesGroup::_readContents and...