Bug 170413 - CAN-2005-2964 AbiWord RTF File Processing Buffer Overflow
CAN-2005-2964 AbiWord RTF File Processing Buffer Overflow
Status: CLOSED WONTFIX
Product: Fedora Legacy
Classification: Retired
Component: abiword (Show other bugs)
rhl7.3
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Fedora Legacy Bugs
http://www.abisource.com/changelogs/2...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-10-11 10:14 EDT by John Dalbec
Modified: 2007-08-30 15:57 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-08-30 15:57:10 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description John Dalbec 2005-10-11 10:14:42 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20050729 Netscape/8.0.3.3

Description of problem:
05.40.21 CVE: CAN-2005-2964
Platform: Cross Platform
Title: AbiWord RTF File Processing Buffer Overflow
Description: AbiWord is an open source word processor. It is
susceptible to a buffer overflow vulnerability. This issue presents
itself when RTF files are imported into AbiWord. When the affected
application attempts to process malicious RTF files, a buffer may be
overwritten, resulting in the attacker being able to modify critical
memory control structures. AbiWord versions 2.0.1 through 2.2.9 are
vulnerable.
Ref: http://www.abisource.com/changelogs/2.2.10.phtml

Version-Release number of selected component (if applicable):


How reproducible:
Didn't try


Additional info:
Comment 1 John Dalbec 2005-11-29 09:09:05 EST
05.42.20 CVE: CAN-2005-2972
Platform: Cross Platform
Title: AbiWord Stack-Based Buffer Overflow Vulnerabilities
Description: AbiWord is a word processor available for multiple
operating systems.It is susceptible to multiple stack-based buffer
overflow vulnerabilities that are caused by failure of the application
to properly do bounds check on user-supplied data when RTF (Rich Text
Files) files are imported into AbiWord. For a list of vulnerable
versions, please visit the reference link provided.
Ref: http://www.securityfocus.com/bid/15096 
Comment 2 Jesse Keating 2007-08-30 15:57:10 EDT
Fedora Legacy project has ended.  These will not be fixed by Fedora Legacy.

Note You need to log in before you can comment on or make changes to this bug.