Description
Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.
Affected products
- KDE / koffice1.2 – 1.2
- KDE / koffice1.2.1 – 1.2.1
- KDE / koffice1.3 – 1.3
- KDE / koffice1.3.1 – 1.3.1
- KDE / koffice1.3.2 – 1.3.2
- KDE / koffice1.3.3 – 1.3.3
- KDE / koffice1.3.4 – 1.3.4
- KDE / koffice1.3.5 – 1.3.5
- KDE / koffice1.3_beta1 – 1.3_beta1
- KDE / koffice1.3_beta2 – 1.3_beta2
- KDE / koffice1.3_beta3 – 1.3_beta3
- KDE / koffice1.4 – 1.4
- KDE / koffice1.4.1 – 1.4.1
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/17480
- MISChttp://securitytracker.com/id?1015035
- MISChttp://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.388487
- MISChttp://scary.beasts.org/security/CESA-2005-005.txt
- VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/2005_25_sr.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/17171
- MISChttp://www.gentoo.org/security/en/glsa/glsa-200510-12.xml
- VENDOR_ADVISORYhttp://secunia.com/advisories/17212
- VENDOR_ADVISORYhttp://secunia.com/advisories/17332
- VENDOR_ADVISORYhttp://www.debian.org/security/2005/dsa-872
- MISChttp://www.redhat.com/archives/fedora-announce-list/2005-October/msg00042.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/17486
- VENDOR_ADVISORYhttp://secunia.com/advisories/17190
- VENDOR_ADVISORYhttps://usn.ubuntu.com/202-1/
- MISChttp://www.kde.org/info/security/advisory-20051011-1.txt
- VENDOR_ADVISORYhttp://secunia.com/advisories/17145/
- MISChttp://www.securityfocus.com/bid/15060
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/22562