790 matches found
AbiWord: RTF import stack-based buffer overflow
Background AbiWord is a free and cross-platform word processing program. It allows to import RTF files into AbiWord documents. Description Chris Evans discovered that the RTF import function in AbiWord is vulnerable to a stack-based buffer overflow. Impact An attacker could design a malicious RTF...
USN-188-1: AbiWord vulnerability
Chris Evans discovered a buffer overflow in the RTF import module of AbiWord. By tricking a user into opening an RTF file with specially crafted long identifiers, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user...
AbiWord buffer overflow
Buffer overflow on RTF files parsing...
[Full-disclosure] [USN-188-1] AbiWord vulnerability
=========================================================== Ubuntu Security Notice USN-188-1 September 29, 2005 abiword vulnerability CAN-2005-2964 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 Warty Warthog Ubuntu...
CVE-2005-2964
Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism...
CVE-2005-2964
Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism...
DEBIAN-CVE-2005-2964
Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism...
CVE-2005-2964
Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism...
CVE-2005-2964
Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism...
CVE-2005-2964
AbiWord (GTK2) contains a stack-based buffer overflow in the RTF import mechanism that can allow arbitrary code execution. Affected: AbiWord versions before 2.2.10. Impact: remote code execution with no user interaction required. Remediation: upgrade to AbiWord 2.2.10 or later as indicated by mul...
CVE-2005-2964
Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism...
CVE-2005-2516
CVE-2005-2516 affects Safari on Mac OS X 10.3.9 and 10.4.2 where rendering RTF content can bypass security checks on hyperlinks, potentially allowing remote command execution. Root cause: improper handling of hyperlinks in rich text content. Impact: remote code execution with no user interaction ...
CVE-2005-2501
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format RTF file...
CVE-2005-2516
Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format RTF files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands...
CVE-2005-2501
CVE-2005-2501 : A buffer overflow in Apple Mac OS X’s AppKit (handling of rich text, .rtf) could allow a remote attacker to execute arbitrary code on vulnerable systems. Affected: Mac OS X 10.3.9 and 10.4.2 (and apps using AppKit such as TextEdit). Root cause: overflow in AppKit’s RTF handling. I...
FreeBSD : unrtf -- buffer overflow vulnerability (f2d5e56e-67eb-11d9-a9e7-0001020eed82)
Yosef Klein and Limin Wang have found a buffer overflow vulnerability in unrtf that can allow an attacker to execute arbitrary code with the permissions of the user running unrtf, by running unrtf on a specially crafted rtf document. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
CVE-2004-1297
Buffer overflow in the processfonttable function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file...
CVE-2004-1297
Buffer overflow in the processfonttable function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file...
CVE-2004-1297
Buffer overflow in the processfonttable function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file...
CVE-2004-1293
Buffer overflow in the ReadFontTbl function in reader.c for rtf2latex2e 1.0fc2 allows remote attackers to execute arbitrary code via a crafted RTF file...