FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wv2 -- Integer Overflow Vulnerability

Affected packages
wv2 < 0.2.3


VuXML ID b9044cc2-8aa5-11db-bd0d-00123ffe8333
Discovery 2006-06-12
Entry 2006-12-13

Secunia reports:

A vulnerability has been reported in wvWare wv2 Library, which potentially can be exploited by malicious people to compromise an application using the library.

The vulnerability is caused due to an integer overflow error in "word_helper.h" when handling a Word document. This can be exploited to cause a buffer overflow and may allow arbitrary code execution via a specially crafted Word document.


CVE Name CVE-2006-2197