21 matches found
EUVD-2012-2144
Malware in sbrugna...
SUSE CVE-2012-2149
The WPXContentListener::closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org OOo before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report th...
CVE-2013-1324
Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT allows remote attackers to execute arbitrary code via a crafted WordPerfect document .wpd file, aka "Word Stack Buffer Overwrite Vulnerability."...
Stack overflow
Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT allows remote attackers to execute arbitrary code via a crafted WordPerfect document .wpd file, aka "Word Stack Buffer Overwrite Vulnerability."...
Memory corruption
Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document .wpd file, aka "WPD File Format Memory Corruption Vulnerability."...
Heap overflow
Heap-based buffer overflow in Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document .wpd file, aka "Word Heap Overwrite Vulnerability."...
libwpd: Memory overwrite flaw by processing certain WordPerfect (WPD) documents
The WPXContentListener::closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org OOo before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report th...
CVE-2012-2149
The WPXContentListener::closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org OOo before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report th...
CVE-2012-2149
The WPXContentListener::closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org OOo before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report th...
WordPerfect Multiple Vendor libwpd WP3TablesGroup Heap Overflow (CVE-2007-0002)
WordPerfect documents have common file extensions ".WP" and ".WPD", which is used by Corel's proprietary word processing application, WordPerfect. Its popularity was based on the fact that it had been available for a wide variety of computers and operation systems, including Mac OS, Linux, and...
Ubuntu 5.10 / 6.06 LTS / 6.10 : libwpd vulnerability (USN-437-1)
Sean Larsson of iDefense Labs discovered that libwpd was vulnerable to integer overflows. If a user were tricked into opening a specially crafted WordPerfect document with an application that used libwpd, an attacker could execute arbitrary code with user privileges. Note that Tenable Network...
OpenOffice.org: Multiple vulnerabilities
Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description John Heasman of NGSSoftware has discovered a stack-based buffer overflow in the StarCal...
CVE-2007-1735
Stack-based buffer overflow in Corel WordPerfect Office X3 13.0.0.565 allows user-assisted remote attackers to execute arbitrary code via a long printer selection PRS name in a Wordperfect document...
USN-437-1: libwpd vulnerability
Sean Larsson of iDefense Labs discovered that libwpd was vulnerable to integer overflows. If a user were tricked into opening a specially crafted WordPerfect document with an application that used libwpd, an attacker could execute arbitrary code with user privileges...
CVE-2007-0002
Multiple heap-based buffer overflows in WordPerfect Document importer/exporter libwpd before 0.8.9 allow user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not proper...
Integer overflow
Multiple heap-based buffer overflows in WordPerfect Document importer/exporter libwpd before 0.8.9 allow user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not proper...
CVE-2007-1466
Integer overflow in the WP6GeneralTextPacket::readContents function in WordPerfect Document importer/exporter libwpd before 0.8.9 allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted WordPerfect file, a different...
CVE-2007-0002
Multiple heap-based buffer overflows in WordPerfect Document importer/exporter libwpd before 0.8.9 allow user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not proper...
CVE-2007-1466
Integer overflow in the WP6GeneralTextPacket::readContents function in WordPerfect Document importer/exporter libwpd before 0.8.9 allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted WordPerfect file, a different...
Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5SP6 French) - File Template Buffer Overflow (MS03-036)
Microsoft WordPerfect Document Converter Windows NT4 Workstation SP5SP6 French - File Template Buffer Overflow MS03-036 // / Microsoft WordPerfect Document Converter Buffer Overflow Exploit MS03-036 / / / / Exploit with several targets / / / / Find your own return address with : / / findhex dllna...