It was found that unrtf is vulnerable to multiple buffer overflow flaws in cmd_* functions. If any exposed application uses unrtf to process untrusted input, these flaws might lead to a denial-of-service. References: http://seclists.org/oss-sec/2016/q4/786 Originally reported in: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849705 Patch: http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406
Created unrtf tracking bugs for this issue: Affects: epel-all [bug 1409548] Affects: fedora-all [bug 1409547]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.