Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
87
security advisoryabiwordupdateDebian 3.1 DSA 894-1 Critical: Fix for AbiWord Buffer Overflow
Updated package.. - --------------------------------------------------------------------------Debian Security Advisory DSA 894-1
Nov 14, 2005
•Critical
Debian
91
security advisoryabiwordgentooGentoo: GLSA-200510-17 Normal: AbiWord RTF Import Threat
AbiWord is vulnerable to an additional set of buffer overflows during RTF import, making it vulnerable to the execution of arbitrary code.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200510-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: AbiWord: New RTF import buffer overflows Date: October 20, 2005 Bugs: #109157 ID: 200510-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= AbiWord is vulnerable to an additional set of buffer overflows during RTF import, making it vulnerable to the execution of arbitrary code. Background ========= AbiWord is a free and cross-platform word processing program. It allows to import RTF files into AbiWord documents. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-office/abiword < 2.2.11 > = 2.2.11 Description ========== Chris Evans discovered a different set of buffer overflows than the one described in GLSA 200509-20 in the RTF import function in AbiWord. Impact ===== An attacker could design a malicious RTF file and entice a user to import it in AbiWord, potentially resulting in the execution of arbitrary code with the rights of the user running AbiWord. Workaround ========= There is no known workaround at this time. Resolution ========= All AbiWord users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =app-office/abiword-2.2.11" References ========= [ 1 ] GLSA-200509-20 https://security.gentoo.org/glsa/200509-20 [ 2 ]CAN-2005-2972 https://www.cve.org/CVERecord?id=CAN-2005-2972 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200510-17 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to
Oct 20, 2005
Gentoo
89
security advisorymoderateabiwordFedora Core: 2004-412 Moderate: AbiWord Tempnam Fixes and Updates
Fixes for tempnam usages and startup geometry crashes. --------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-412 2004-11-25 --------------------------------------------------------------------- Product : Fedora Core 3 Name : abiword Version : 2.0.12 Release : 7.fc3 Summary : The AbiWord word processor Description : AbiWord is a cross-platform Open Source word processor. The goal is to make AbiWord full-featured, and remain lean. --------------------------------------------------------------------- Update Information: Fixes for tempnam usages and startup geometry crashes --------------------------------------------------------------------- * Wed Nov 24 2004 Caolan McNamara 1:2.0.12-7.fc3 - fix tempnam usage * Wed Nov 24 2004 Caolan McNamara 1:2.0.12-6.fc3 - fix tempnam usage * Wed Nov 24 2004 Caolan McNamara 1:2.0.12-5.fc3 - fix to stop #rh140321# --------------------------------------------------------------------- This update can be downloaded from: 778a9ee7f74d56e78e17bbf6f40b2e97 SRPMS/abiword-2.0.12-7.fc3.src.rpm 610407134efcd14326e570c5e8567121 x86_64/abiword-2.0.12-7.fc3.x86_64.rpm 7611b77e7eae2cae989f547b35ea7c61 x86_64/debug/abiword-debuginfo-2.0.12-7.fc3.x86_64.rpm 58746c14e19b02a07bc73e3e13d3363a i386/abiword-2.0.12-7.fc3.i386.rpm 6fcad706304536c882294c5e88378f43 i386/debug/abiword-debuginfo-2.0.12-7.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- fedora-announce-list mailing list
Nov 25, 2004
Fedora
89
security advisoryabiwordfedora coreFedora Core 3: FEDORA-2004-429 Critical: AbiWord CTRL-A Crash
Backport fix to stop #rh139201# crash on CTRL-A and making font changes. --------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-429 2004-11-16 --------------------------------------------------------------------- Product : Fedora Core 3 Name : abiword Version : 2.0.12 Release : 4.fc3 Summary : The AbiWord word processor Description : AbiWord is a cross-platform Open Source word processor. The goal is to make AbiWord full-featured, and remain lean. --------------------------------------------------------------------- * Mon Nov 15 2004 Caolan McNamara 1:2.0.12-4.fc3 - Backport fix to stop #rh139201# crash on CTRL-A and making font changes --------------------------------------------------------------------- This update can be downloaded from: fa124c8c78d0a018c50c352275af9361 SRPMS/abiword-2.0.12-4.fc3.src.rpm 8731d81c569d56a825e554b30965db23 x86_64/abiword-2.0.12-4.fc3.x86_64.rpm e3979e4c7eac1f49180647ee06bb60a3 x86_64/debug/abiword-debuginfo-2.0.12-4.fc3.x86_64.rpm 1958568ff16f1e1292a825457dfe7720 i386/abiword-2.0.12-4.fc3.i386.rpm 94188181a77099f00d635ae137b63836 i386/debug/abiword-debuginfo-2.0.12-4.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- fedora-announce-list mailing list
Nov 16, 2004
•Critical
Fedora
87
security advisoryabiwordbuffer overflowDebian 3.0: DSA 579-1 Critical: Abiword Buffer Overflow Threat
A buffer overflow vulnerability has been disovered in the wv library, used for converting and previewing word documents. On exploition an attacker could execute arbitrary code with the privileges of the user running the vulnerable application.. -------------------------------------------------------------------------- Debian Security Advisory DSA 579-1
Nov 01, 2004
•Critical
Debian
89
security advisorymoderateabiwordFedora Core 2: FEDORA-2004-225 Moderate: AbiWord Undefined Security Fix
2.0.5 + wv security backport. CORE 2: Fedora Update Notification FEDORA-2004-225 2004-07-23 --------------------------------------------------------------------- Product : Fedora Core 2 Name : abiword Version : 2.0.5 Release : 2 Summary : The AbiWord word processor Description : AbiWord is a cross-platform Open Source word processor. The goal is to make AbiWord full-featured, and remain lean. --------------------------------------------------------------------- Update Information: security update --------------------------------------------------------------------- * Fri Jul 16 2004 Caolan McNamara 1:2.0.5-2 - 2.0.5 + wv security backport --------------------------------------------------------------------- This update can be downloaded from: 196d7e51349cf2df2de47edff5e55f24 SRPMS/abiword-2.0.5-2.src.rpm 524da0b9e261f7a8b0e6d8e777d9e259 x86_64/abiword-2.0.5-2.x86_64.rpm badda668a87cb691b68a299c70b33e99 x86_64/debug/abiword-debuginfo-2.0.5-2.x86_64.rpm 4a475310a4b29cbc0401a779e4fcd011 i386/abiword-2.0.5-2.i386.rpm 6b2aec51072118dfb0f036d431cff1a0 i386/debug/abiword-debuginfo-2.0.5-2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- CORE 1: Fedora Update Notification FEDORA-2004-224 2004-07-23 --------------------------------------------------------------------- Product : Fedora Core 1 Name : abiword Version : 2.0.1 Release : 2 Summary : The AbiWord word processor Description : AbiWord is a cross-platform Open Source word processor. The goal is to make AbiWord full-featured, and remain lean. --------------------------------------------------------------------- Update Information: security update --------------------------------------------------------------------- * Fri Jul 16 2004 Caolan McNamara 1:2.0.1-2 -2.0.1 + wv security fix --------------------------------------------------------------------- This update can be downloaded from: e57b546e8f11d9f363397b68a014369a SRPMS/abiword-2.0.1-2.src.rpm 044b7b4865d3ec84ae88b51a9782c76b x86_64/abiword-2.0.1-2.x86_64.rpm f4521bbad47d5dc290a679ccf9ace04c x86_64/debug/abiword-debuginfo-2.0.1-2.x86_64.rpm 2d06a7e349ae064125bf9df5b8e0e1ff i386/abiword-2.0.1-2.i386.rpm 38e2456246b235e1698f1a74fa35374b i386/debug/abiword-debuginfo-2.0.1-2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. . Vital enhancements to AbiWord's security within Fedora strengthen overall system integrity through important updates and modified implementations.. Fedora Update, AbiWord Security, Core 2 Update, Undefined Fix, Word Processor Update. . LinuxSecurity.com Team
Jul 23, 2004
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!