GLSA-200510-17 : AbiWord: New RTF import buffer overflows

The remote host is affected by the vulnerability described in GLSA-200510-17 AbiWord: New RTF import buffer overflows Chris Evans discovered a different set of buffer overflows than the one described in GLSA 200509-20 in the RTF import function in AbiWord. Impact : An attacker could design a...

CVE-2005-2972

CVE-2005-2972 concerns AbiWord’s RTF import in versions prior to 2.2.11, where multiple stack-based buffer overflows can be triggered by a crafted RTF file. The flaws are located in the RTF parser code paths (ParseLevelText, getCharsInsideBrace, HandleLists, HandleAbiLists) in ie_imp_RTF.cpp, and...

CVE-2005-2971

Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file...

CVE-2005-2971

CVE-2005-2971 : Heap-based buffer overflow in the KWord RTF importer of KOffice 1.2.0–1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file. Root cause: buffer overflow in the importer. Affected software is the KWord component of KOffice; multiple advisories (e.g., Debian...

AbiWord: New RTF import buffer overflows

Background AbiWord is a free and cross-platform word processing program. It allows to import RTF files into AbiWord documents. Description Chris Evans discovered a different set of buffer overflows than the one described in GLSA 200509-20 in the RTF import function in AbiWord. Impact An attacker...

abiword, koffice -- stack based buffer overflow vulnerabilities

Chris Evans reports that AbiWord is vulnerable to multiple stack-based buffer overflow vulnerabilities. This is caused by improper checking of the user-supplied data before it is being copied to an too small buffer. The vulnerability is triggered when someone is importing RTF files...

KOffice, KWord: RTF import buffer overflow

Background KOffice is an integrated office suite for KDE. KWord is the KOffice word processor. Description Chris Evans discovered that the KWord RTF importer was vulnerable to a heap-based buffer overflow. Impact An attacker could entice a user to open a specially-crafted RTF file, potentially...

USN-202-1: KOffice vulnerability

Chris Evans discovered a buffer overflow in the RTF import module of KOffice. By tricking a user into opening a specially-crafted RTF file, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user...

[KDE Security Advisory] KOffice/KWord RTF import buffer overflow

KDE Security Advisory: KWord RTF import buffer overflow Original Release Date: 2005-10-11 URL: http://www.kde.org/info/security/advisory-20051011-1.txt 0. References CAN-2005-2971 CESA-2005-005 1. Systems affected: All KOffice releases starting from KOffice 1.2.0 up to including KOffice 1.4.1. 2...

GLSA-200509-20 : AbiWord: RTF import stack-based buffer overflow

The remote host is affected by the vulnerability described in GLSA-200509-20 AbiWord: RTF import stack-based buffer overflow Chris Evans discovered that the RTF import function in AbiWord is vulnerable to a stack-based buffer overflow. Impact : An attacker could design a malicious RTF file and...

AbiWord: RTF import stack-based buffer overflow

Background AbiWord is a free and cross-platform word processing program. It allows to import RTF files into AbiWord documents. Description Chris Evans discovered that the RTF import function in AbiWord is vulnerable to a stack-based buffer overflow. Impact An attacker could design a malicious RTF...

CVE-2005-2964

Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism...

CVE-2005-2964

AbiWord (GTK2) contains a stack-based buffer overflow in the RTF import mechanism that can allow arbitrary code execution. Affected: AbiWord versions before 2.2.10. Impact: remote code execution with no user interaction required. Remediation: upgrade to AbiWord 2.2.10 or later as indicated by mul...

CVE-2005-2516

Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format RTF files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands...

CVE-2005-2516

CVE-2005-2516 affects Safari on Mac OS X 10.3.9 and 10.4.2 where rendering RTF content can bypass security checks on hyperlinks, potentially allowing remote command execution. Root cause: improper handling of hyperlinks in rich text content. Impact: remote code execution with no user interaction ...

CVE-2004-0785

CVE-2004-0785 affects Gaim (pre-0.82). The advisory states multiple buffer overflows that allow remote attackers to cause denial of service and potentially execute arbitrary code via (1) RTF messages, (2) an excessively long hostname from DNS, or (3) an overly long URL not properly decoded. Produ...

CVE-2004-0503

Microsoft Outlook 2003 is affected by CVE-2004-0503 due to a security bypass in RTF handling: lack of validation for certain OLE objects attached to RTF messages may bypass Media Player scripting restrictions and could lead to unprompted executable installation when combined with predictable-file...