Информационная безопасность
[RU] switch to English


Многочисленные уязвимости в библиотеке libwpd /OpenOffice / AbiWord (multiple bugs)
Опубликовано:17 марта 2007 г.
Источник:
SecurityVulns ID:7418
Тип:библиотека
Уровень опасности:
6/10
Описание:Многочисленные переполнения буфера при разборе документов Word Perfect.
Затронутые продукты:OPENOFFICE : OpenOffice 2.0
 OPENOFFICE : OpenOffice 2.1
 LIBWPD : libwpd 0.8
CVE:CVE-2007-1466 (Integer overflow in the the WP6GeneralTextPacket::_readContents function in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file, a different vulnerability than CVE-2007-0002.)
 CVE-2007-0002 (Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not properly handled in the (1) WP3TablesGroup::_readContents and (2) WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup functions. NOTE: the integer overflow has been split into CVE-2007-1466.)
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 03.16.07: Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities (17.03.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород