“AbiWord is affected by a vulnerability in the
“wv” library, which potentially can be exploited by
malicious people to compromise a user’s system….Solution:
Update to version 2.0.8 or later.
http://www.abisource.com/download/.”…
Grok Headline matches for AbiWord "wv" Library Buffer Overflow Vulnerability
wvWare Library Buffer Overflow Vulnerability
wvWare Library Buffer Overflow Vulnerability07/10/2004 11:24 PM “Caolán McNamara and Dom Lachowicz’s wvWare is a library used to
load and
parse Microsoft Word files on unix-based systems. wvWare is used in
some
third-party programs to view and convert Microsoft Word documents to
other formats….[It] has been found to contain a buffer overflow
condition that can be exploited through a specially crafted
document….If an attacker can convince a user to open an exploit
document in HTML
mode using an application that builds upon the wv library, it is
possible for the attacker to execute arbitrary code under the
privileges
of that user….Dom Lachowicz has posted…patch
details…”
“Chew Keong TAN has reported a vulnerability in
BlackJumboDog, potentially allowing malicious people to compromise a
vulnerable system….This has been reported in version 3.6.1.
Prior versions may also be affected. Solution: Reportedly, the
vulnerability has been fixed in version 3.6.2.”…
“CRITICAL: Moderately critical IMPACT: System access WHERE:
From remote Komrade has reported a vulnerability in Trillian, which
can be exploited by malicious people to compromise a user’s
system. The vulnerability is caused due to a boundary error within the
MSN module. This can be exploited to cause a buffer overflow by
passing an overly long string (about 4096 bytes) from a MSN messenger
server. Successful exploitation requires that a malicious person
either intercepts and manipulates…
“Luigi Auriemma has reported a vulnerability in Medal of
Honor, allowing malicious people to gain system access….The
following versions has been reported vulnerable: Allied Assault 1.11v9
and prior; Breakthrough 2.40b and prior; Spearhead 2.15 and
prior….Solution: Do not play games on production
systems.”…
Oracle9i Database Buffer Overflow Vulnerability in iSQL*Plus
Oracle9i Database Buffer Overflow Vulnerability in iSQL*Plus11/05/2002 12:07 PM A potential buffer overflow security vulnerability has been discovered
in the iSQL*Plus component of Oracle9i Database. Oracle has issued a
severity level of 2 for this vulnerability.
Adobe Reader 6.0 Filename Handler Buffer Overflow Vulnerability07/13/2004 10:33 AM “Exploitation of a buffer overflow vulnerability in Adobe Reader
6.0 could allow remote attackers to execute arbitrary
code….Successful exploitation allows an attacker to execute
arbitrary code under the privileges of the local user. Remote
exploitation is possible by sending a specially crafted e-mail and
attaching the malicious PDF document….iDEFENSE has confirmed
that Adobe Acrobat Reader version 6.0.1 is vulnerable. It is suspected
that other versions of Adobe Acrobat Reader are vulnerable as well.
Adobe Acrobat may also be vulnerable.”
Microsoft Jet Database Engine DB File Buffer Overflow Vulnerability
Mozilla Thunderbird GIF Image Processing Buffer Overflow Vulnerability
Mozilla Thunderbird GIF Image Processing Buffer Overflow Vulnerability03/24/2005 02:15 PM “Secunia Advisory: SA14685 Critical: Highly critical Impact:
System access Where: From remote Solution Status: Vendor Patch
Software: Mozilla Thunderbird 0.x, Mozilla Thunderbird 1.x Mark Dowd
has reported a vulnerability in Thunderbird, which can be exploited by
malicious people to compromise a user’s system. The
vulnerability is caused due to a boundary error in the GIF image
processing of Netscape extension 2 blocks and can be exploited to
cause a heap-based buffer overflow via a specially…
