OpenBSD VuXML: Documenting security issues in the OpenBSD Ports & Packages Collection

unrtf -- buffer overflow vulnerability

Affected packages
unrtf < 0.18.1p0

Details

VuXML ID 0393affc-68d8-11d9-9b34-00065bd5b0b6
Discovery 2004-12-15
Entry 2005-01-17

Yosef Klein and Limin Wang have found a buffer overflow vulnerability in unrtf that can allow an attacker to execute arbitrary code with the permissions of the user running unrtf, by running unrtf on a specially crafted rtf document.

References

Bugtraq ID 12030
CVE Name CAN-2004-1297
URL http://tigger.uic.edu/~jlongs2/holes/unrtf.txt

Copyright © 2003-2005 Jacques Vidrine, Robert Nagy, and contributors.
Please see the source of this document for full copyright information.