Описание
Multiple integer overflows in the WV library in wvWare (formerly mswordview) before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word (DOC) file that produces (1) large LFO clfolvl values in the wvGetLFO_records function or (2) a large LFO nolfo value in the wvGetFLO_PLF function.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.0.2-0.1ubuntu0.6.06 |
| devel | released | 1.2.4-2 |
| edgy | released | 1.2.1-2ubuntu0.1 |
| feisty | released | 1.2.4-2 |
| upstream | needs-triage |
Показывать по
5.1 Medium
CVSS2
Связанные уязвимости
Multiple integer overflows in the WV library in wvWare (formerly mswordview) before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word (DOC) file that produces (1) large LFO clfolvl values in the wvGetLFO_records function or (2) a large LFO nolfo value in the wvGetFLO_PLF function.
Multiple integer overflows in the WV library in wvWare (formerly mswor ...
Multiple integer overflows in the WV library in wvWare (formerly mswordview) before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word (DOC) file that produces (1) large LFO clfolvl values in the wvGetLFO_records function or (2) a large LFO nolfo value in the wvGetFLO_PLF function.
5.1 Medium
CVSS2