FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

unrtf -- buffer overflow vulnerability

Affected packages
unrtf < 0.19.3_1

Details

VuXML ID f2d5e56e-67eb-11d9-a9e7-0001020eed82
Discovery 2004-12-15
Entry 2005-01-16
Modified 2005-02-11

Yosef Klein and Limin Wang have found a buffer overflow vulnerability in unrtf that can allow an attacker to execute arbitrary code with the permissions of the user running unrtf, by running unrtf on a specially crafted rtf document.

References

Bugtraq ID 12030
CVE Name CVE-2004-1297
URL http://tigger.uic.edu/~jlongs2/holes/unrtf.txt