Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Ubuntu 6.10: USN-374-1 Critical: wv Library Remote Code Execution

Calendar Nov 01, 2006 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory remote code execution integer overflow ubuntu wv library
An integer overflow was discovered in the DOC file parser of the wv library. By tricking a user into opening a specially crafted MSWord (.DOC) file, remote attackers could execute arbitrary code with the user's privileges. 
=========================================================== 
Ubuntu Security Notice USN-374-1          November 01, 2006
wv vulnerability
CVE-2006-4513
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.10:
  libwv-1.2-1                              1.2.1-2ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

An integer overflow was discovered in the DOC file parser of the wv 
library.  By tricking a user into opening a specially crafted MSWord 
(.DOC) file, remote attackers could execute arbitrary code with the 
user's privileges.


Updated packages for Ubuntu 6.10:

  Source archives:

          Size/MD5:    11929 1162b872e4e77345295a34e0c7fb731b
          Size/MD5:      716 4ec3816084073a77df966ff2fec1a40e
          Size/MD5:   628027 d757080af4595839d5d82a1a573c692c

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:   146278 3eb3817dfa782c6e3bcc22c6fb35b8ad
          Size/MD5:   202772 30ebeb74c64333e33d5604df48a0f8f0
          Size/MD5:    90506 a1835a5db7c038487567686e77a95f9a

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:   138724 918761ea08c2eb366821648adc571bc3
          Size/MD5:   180656 f041845463774af932bdd8a848422481
          Size/MD5:    88162 3940c61f26c24d2ac1f66d33a7f00166

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:   140532 6f76eefa75620e73bfe7738e67618bab
          Size/MD5:   207102 d241cdb9f374c6f6b61c7ce9667f79b6
          Size/MD5:    94366 682568966d755eb3e55ef210ff08dd05

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:   136236 a8a17256755dfb88d996972dd76736d7
          Size/MD5:   189474 7e263e180bcf218dd6714ab813c9bf97
          Size/MD5:    88130 413b2fb70a223db99545e4e3ccbe2145

Ubuntu 6.10: USN-374-1 Critical: wv Library Remote Code Execution

ubuntu
Calendar Grey November 1, 2006
Dist Ubuntu Esm H88
Fedora Security Advisory FSA-2023-045 warns of a potential exploit in the libxml2 library that could permit unauthorized access through malformed XML documents.
An integer overflow was discovered in the DOC file parser of the wv library

Summary

Topics%20covered

Topics Covered

security advisory remote code execution integer overflow ubuntu wv library

Update Instructions

References

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-374-1 November 01, 2006

Topics%20covered

Topics Covered

security advisory remote code execution integer overflow ubuntu wv library

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here