DSA-872-1 koffice - buffer overflow

Bulletin has no description...

GLSA-200510-17 : AbiWord: New RTF import buffer overflows

The remote host is affected by the vulnerability described in GLSA-200510-17 AbiWord: New RTF import buffer overflows Chris Evans discovered a different set of buffer overflows than the one described in GLSA 200509-20 in the RTF import function in AbiWord. Impact : An attacker could design a...

CVE-2005-2972

Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the 1 ParseLevelText, 2 getCharsInsideBrace, 3 HandleLists, 4 or 5 HandleAbiLis...

CVE-2005-2972

Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the 1 ParseLevelText, 2 getCharsInsideBrace, 3 HandleLists, 4 or 5 HandleAbiLis...

CVE-2005-2972

Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the 1 ParseLevelText, 2 getCharsInsideBrace, 3 HandleLists, 4 or 5 HandleAbiLis...

CVE-2005-2972

Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the 1 ParseLevelText, 2 getCharsInsideBrace, 3 HandleLists, 4 or 5 HandleAbiLis...

CVE-2005-2972

CVE-2005-2972 concerns AbiWord’s RTF import in versions prior to 2.2.11, where multiple stack-based buffer overflows can be triggered by a crafted RTF file. The flaws are located in the RTF parser code paths (ParseLevelText, getCharsInsideBrace, HandleLists, HandleAbiLists) in ie_imp_RTF.cpp, and...

CVE-2005-2972

Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the 1 ParseLevelText, 2 getCharsInsideBrace, 3 HandleLists, 4 or 5 HandleAbiLis...

CVE-2005-2971

Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file...

CVE-2005-2971

Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file...

CVE-2005-2971

CVE-2005-2971 : Heap-based buffer overflow in the KWord RTF importer of KOffice 1.2.0–1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file. Root cause: buffer overflow in the importer. Affected software is the KWord component of KOffice; multiple advisories (e.g., Debian...

AbiWord: New RTF import buffer overflows

Background AbiWord is a free and cross-platform word processing program. It allows to import RTF files into AbiWord documents. Description Chris Evans discovered a different set of buffer overflows than the one described in GLSA 200509-20 in the RTF import function in AbiWord. Impact An attacker...

GLSA-200510-12 : KOffice, KWord: RTF import buffer overflow

The remote host is affected by the vulnerability described in GLSA-200510-12 KOffice, KWord: RTF import buffer overflow Chris Evans discovered that the KWord RTF importer was vulnerable to a heap-based buffer overflow. Impact : An attacker could entice a user to open a specially crafted RTF file,...

KOffice, KWord: RTF import buffer overflow

Background KOffice is an integrated office suite for KDE. KWord is the KOffice word processor. Description Chris Evans discovered that the KWord RTF importer was vulnerable to a heap-based buffer overflow. Impact An attacker could entice a user to open a specially-crafted RTF file, potentially...

abiword, koffice -- stack based buffer overflow vulnerabilities

Chris Evans reports that AbiWord is vulnerable to multiple stack-based buffer overflow vulnerabilities. This is caused by improper checking of the user-supplied data before it is being copied to an too small buffer. The vulnerability is triggered when someone is importing RTF files...

USN-203-1: Abiword vulnerabilities

Chris Evans discovered several buffer overflows in the RTF import module of AbiWord. By tricking a user into opening an RTF file with specially crafted long identifiers, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user...

USN-202-1: KOffice vulnerability

Chris Evans discovered a buffer overflow in the RTF import module of KOffice. By tricking a user into opening a specially-crafted RTF file, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user...

KOffice buffer overflow

Buffer overflow on RTF files parsing...

[KDE Security Advisory] KOffice/KWord RTF import buffer overflow

KDE Security Advisory: KWord RTF import buffer overflow Original Release Date: 2005-10-11 URL: http://www.kde.org/info/security/advisory-20051011-1.txt 0. References CAN-2005-2971 CESA-2005-005 1. Systems affected: All KOffice releases starting from KOffice 1.2.0 up to including KOffice 1.4.1. 2...

GLSA-200509-20 : AbiWord: RTF import stack-based buffer overflow

The remote host is affected by the vulnerability described in GLSA-200509-20 AbiWord: RTF import stack-based buffer overflow Chris Evans discovered that the RTF import function in AbiWord is vulnerable to a stack-based buffer overflow. Impact : An attacker could design a malicious RTF file and...