Launchpad.net

CVE 2005-2972

Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the (1) ParseLevelText, (2) getCharsInsideBrace, (3) HandleLists, (4) or (5) HandleAbiLists functions in ie_imp_RTF.cpp, a different vulnerability than CVE-2005-2964.

Related bugs and status

CVE-2005-2972 (Candidate) is related to these bugs:

Bug #23847: abiword: [CAN-2005-2972] More RTF import buffer overflows

Summary				In	Importance	Status
	23847	abiword: [CAN-2005-2972] More RTF import buffer overflows		abiword (Ubuntu)	High	Fix Released
	23847	abiword: [CAN-2005-2972] More RTF import buffer overflows		abiword (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://scary.beasts.or...
MISC: http://www.mail-archiv...
GENTOO: GLSA-200510-17
CONFIRM: http://www.abisource.c...
BID: 15096
OSVDB: 20015
SECUNIA: 17199
DEBIAN: DSA-894
SECUNIA: 17200
SECUNIA: 17213
SECUNIA: 17264
SECUNIA: 17551
FEDORA: FEDORA-2005-989
VUPEN: ADV-2005-2086
UBUNTU: USN-203-1