SUSE CVE-2004-0645

Buffer overflow in the wvHandleDateTimePicture function in wv library wvWare 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field...

CVE-2006-4513

Multiple integer overflows in the WV library in wvWare formerly mswordview before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word DOC file that produces 1 large LFO clfolvl values in the...

FreeBSD : wv -- Multiple Integer Overflow Vulnerabilities (d29dc506-8aa6-11db-bd0d-00123ffe8333)

Secunia reports : Some vulnerabilities have been reported in wvWare, which can be exploited by malicious people to cause a DoS Denial of Service and potentially compromise an application using the library. The vulnerabilities are caused due to integer overflows within the 'wvGetLFOrecords' and...

USN-374-1: wvWare vulnerability

An integer overflow was discovered in the DOC file parser of the wv library. By tricking a user into opening a specially crafted MSWord .DOC file, remote attackers could execute arbitrary code with the user's privileges...

wvWare library integer overflows

Few integer overflows on Microsoft Word document parsing...

DEBIAN-CVE-2006-4513

Multiple integer overflows in the WV library in wvWare formerly mswordview before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word DOC file that produces 1 large LFO clfolvl values in the...

CVE-2006-4513

Multiple integer overflows in the WV library in wvWare formerly mswordview before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word DOC file that produces 1 large LFO clfolvl values in the...

wvWare多个整数溢出漏洞

wvWare是一个用于装载和解析Microsoft Word文件的库。 WV库的实现上存在多个整数溢出漏洞，攻击者可能利用这些漏洞在用户机器上执行任意指令。 WV库在解析文档时没有检查溢出情况便使用常数乘以用户所提供的整数值： 35 int 36 wvGetLFOrecords LFO lfo, LFOLVL lfolvl, LVL lvl, U32 nolfo, 37 U32 nooflvl, U32 offset, U32 len, wvStream fd 38 .. 47 for i = 0; i nolfo; i++ 48 nooflvl += lfoi.clfolvl; .. ...

CVE-2006-4513

Multiple integer overflows in the WV library in wvWare formerly mswordview before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word DOC file that produces 1 large LFO clfolvl values in the...

CVE-2006-4513

Multiple integer overflows in the WV library in wvWare formerly mswordview before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word DOC file that produces 1 large LFO clfolvl values in the...

CVE-2006-4513

CVE-2006-4513 affects the WV library used by wvWare (formerly mswordview). The issue is two integer overflow flaws in the Word converter: LVL count and LFO count (wvGetLFO_records and wvGetFLO_PLF), exploitable via crafted DOC files to execute code. Affected products include AbiWord and KWord (an...

wv -- Multiple Integer Overflow Vulnerabilities

Secunia reports: Some vulnerabilities have been reported in wvWare, which can be exploited by malicious people to cause a DoS Denial of Service and potentially compromise an application using the library. The vulnerabilities are caused due to integer overflows within the "wvGetLFOrecords" and...

wv2 -- Integer Overflow Vulnerability

Secunia reports: A vulnerability has been reported in wvWare wv2 Library, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to an integer overflow error in "wordhelper.h" when handling a Word document. This can b...

DEBIAN-CVE-2004-0645

Buffer overflow in the wvHandleDateTimePicture function in wv library wvWare 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field...

wvWare buffer overflow

Buffer overflow on parsing MS Word document DateTime filed...

[Full-Disclosure] iDEFENSE Security Advisory 07.09.04: wvWare Library Buffer Overflow Vulnerability

wvWare Library Buffer Overflow Vulnerability iDEFENSE Security Advisory 07.09.04 www.idefense.com/application/poi/display?id=115&type=vulnerabilities July 09, 2004 I. BACKGROUND Caoln McNamara and Dom Lachowicz's wvWare is a library used to load and parse Microsoft Word files on unix-based system...