Launchpad.net

CVE 2014-9274

UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999".

See the CVE page on Mitre.org for more details.