Launchpad.net

CVE 2014-9275

UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file.

See the CVE page on Mitre.org for more details.