CVE-2006-4513 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-4513
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4513

Description: Multiple integer overflows in the WV library in wvWare (formerly mswordview) before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word (DOC) file that produces (1) large LFO clfolvl values in the wvGetLFO_records function or (2) a large LFO nolfo value in the wvGetFLO_PLF function.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/29833 UBUNTU http://www.ubuntu.com/usn/usn-374-1 SUSE http://www.novell.com/linux/security/advisories/2006_28_sr.html ST 1017126 SAID Secunia Advisory: SA22595 Secunia Advisory: SA22680 Secunia Advisory: SA22705 Secunia Advisory: SA23273 Secunia Advisory: SA23335 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:202 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=433 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=434 GENTOO http://security.gentoo.org/glsa/glsa-200612-01.xml BID 20761

Return to the previous page.