CVE-2004-0645
CVSS10.0
发布时间 :2004-08-06 00:00:00
修订时间 :2008-09-10 15:27:08
NMCOPS    

[原文]Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field.


[CNNVD]wvWare库Field.c wvHandleDateTimePicture()函数远程缓冲区溢出漏洞(CNNVD-200408-118)

        
        wvWare是一个用于装载和解析Microsoft Word文件的库。
        wvWare wvHandleDateTimePicture()函数存在缓冲区溢出,远程攻击者可以利用这个漏洞构建恶意文档,诱使用户访问,可能以进程权限在系统上执行任意指令。
        问题发生在field.c文件中处理文档DateTime字段的wvHandleDateTimePicture()函数中:
        ... default:
         temp[0] = *token;
         temp[1] = '\0';
         strcat (timestr, temp);
         break; }
        ...
        由于strcat()不正确进行边界缓冲区检查,提交恶意文档,诱使使用wvware库的用户解析,可能以进程权限在系统上执行任意指令。
        

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:abisource:community_abiword:2.0.5
cpe:/a:abisource:community_abiword:2.0.6
cpe:/a:wvware:wvware:0.7.6
cpe:/a:abisource:community_abiword:2.0.4
cpe:/a:wvware:wvware:0.7.5
cpe:/a:abisource:community_abiword:2.0.3
cpe:/a:abisource:community_abiword:2.0.7
cpe:/a:wvware:wvware:0.7.4
cpe:/a:wvware:wvware:1.0

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0645
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0645
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200408-118
(官方数据源) CNNVD

- 其它链接及资源

http://www.idefense.com/application/poi/display?id=115&type=vulnerabilities
(VENDOR_ADVISORY)  IDEFENSE  20040709 wvWare Library Buffer Overflow Vulnerability
http://security.gentoo.org/glsa/glsa-200407-11.xml
(VENDOR_ADVISORY)  GENTOO  GLSA-200407-11
https://bugzilla.fedora.us/show_bug.cgi?id=1906
(UNKNOWN)  FEDORA  FLSA:1906
http://xforce.iss.net/xforce/xfdb/16660
(VENDOR_ADVISORY)  XF  wvware-wvhandledatetimepicture-bo(16660)
http://www.osvdb.org/7761
(UNKNOWN)  OSVDB  7761
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:077
(UNKNOWN)  MANDRAKE  MDKSA-2004:077
http://www.freebsd.org/ports/portaudit/7a5430df-d562-11d8-b479-02e0185c0b53.html
(UNKNOWN)  CONFIRM  http://www.freebsd.org/ports/portaudit/7a5430df-d562-11d8-b479-02e0185c0b53.html
http://www.debian.org/security/2004/dsa-579
(UNKNOWN)  DEBIAN  DSA-579
http://cpan.cybercomm.nl/pub/gentoo-portage/app-text/wv/files/wv-1.0.0-fix_overflow.patch
(UNKNOWN)  CONFIRM  http://cpan.cybercomm.nl/pub/gentoo-portage/app-text/wv/files/wv-1.0.0-fix_overflow.patch
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000863
(UNKNOWN)  CONECTIVA  CLA-2004:863

- 漏洞信息

wvWare库Field.c wvHandleDateTimePicture()函数远程缓冲区溢出漏洞
危急 边界条件错误
2004-08-06 00:00:00 2005-10-20 00:00:00
远程  
        
        wvWare是一个用于装载和解析Microsoft Word文件的库。
        wvWare wvHandleDateTimePicture()函数存在缓冲区溢出,远程攻击者可以利用这个漏洞构建恶意文档,诱使用户访问,可能以进程权限在系统上执行任意指令。
        问题发生在field.c文件中处理文档DateTime字段的wvHandleDateTimePicture()函数中:
        ... default:
         temp[0] = *token;
         temp[1] = '\0';
         strcat (timestr, temp);
         break; }
        ...
        由于strcat()不正确进行边界缓冲区检查,提交恶意文档,诱使使用wvware库的用户解析,可能以进程权限在系统上执行任意指令。
        

- 公告与补丁

        厂商补丁:
        wvWare
        ------
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        wvWare Patch field.c patch
        
        
        http://www.abisource.com/bonsai/cvsview2.cgi?diff_mode=context&whitespace_mode=show&root=/cvsroot&subdir=wv&command=DIFF_FRAMESET&root=/cvsroot&file=field.c&rev1=1.19&rev2=1.20

- 漏洞信息 (F34908)

dsa-579.txt (PacketStormID:F34908)
2004-11-02 00:00:00
 
advisory,overflow,arbitrary
linux,debian
CVE-2004-0645
[点击下载]

Debian Security Advisory 579-1 - A buffer overflow vulnerability has been discovered in the wv library, used for converting and previewing word documents. On exploitation an attacker could execute arbitrary code with the privileges of the user running the vulnerable application.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 579-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
November 1st, 2004                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : abiword
Vulnerability  : buffer overflow
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0645

A buffer overflow vulnerability has been disovered in the wv library,
used for converting and previewing word documents.  On exploition an
attacker could execute arbitrary code with the privileges of the user
running the vulnerable application.

For the stable distribution (woody) this problem has been fixed in
version 1.0.2+cvs.2002.06.05-1woody2.

The package in the unstable distribution (sid) is not affected.

We recommend that you upgrade your abiword package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2.dsc
      Size/MD5 checksum:     1159 85bb20f96162736e29ade8d6558799d6
    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2.diff.gz
      Size/MD5 checksum:    48982 12356a29a3185ef367fd7a18a7374be0
    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05.orig.tar.gz
      Size/MD5 checksum: 16407034 0b0e1f3e42a0627a28cea970b099049d

  Architecture independent components:

    http://security.debian.org/pool/updates/main/a/abiword/abiword-doc_1.0.2+cvs.2002.06.05-1woody2_all.deb
      Size/MD5 checksum:   950160 e102efac6a16ded87e5e437f687a0310
    http://security.debian.org/pool/updates/main/a/abiword/xfonts-abi_1.0.2+cvs.2002.06.05-1woody2_all.deb
      Size/MD5 checksum:   189372 96b1fd88bd7c779e692d1f97f4884992

  Alpha architecture:

    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2_alpha.deb
      Size/MD5 checksum:    12324 db3b4b84b9fe45dcbd3c2e50bdf3ea08
    http://security.debian.org/pool/updates/main/a/abiword/abiword-common_1.0.2+cvs.2002.06.05-1woody2_alpha.deb
      Size/MD5 checksum:   538558 745ddd234eebaba2d94b4dcb8482eb58
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gnome_1.0.2+cvs.2002.06.05-1woody2_alpha.deb
      Size/MD5 checksum:  2069076 b15d6f04af7fe12637fbf3f98bff3570
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gtk_1.0.2+cvs.2002.06.05-1woody2_alpha.deb
      Size/MD5 checksum:  1873718 f3c06b0ab36204d17bd7f35b8aaa9d9c
    http://security.debian.org/pool/updates/main/a/abiword/abiword-plugins_1.0.2+cvs.2002.06.05-1woody2_alpha.deb
      Size/MD5 checksum:   228192 0f93acbe004457b96665dfd404eb7a0d

  ARM architecture:

    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2_arm.deb
      Size/MD5 checksum:    12324 d79bb97457548ab36052e0e311168ac5
    http://security.debian.org/pool/updates/main/a/abiword/abiword-common_1.0.2+cvs.2002.06.05-1woody2_arm.deb
      Size/MD5 checksum:   536122 c9a40134dad59a82a902e734c8011f78
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gnome_1.0.2+cvs.2002.06.05-1woody2_arm.deb
      Size/MD5 checksum:  1716898 e16c92223a1d79b11e13723dfe440b70
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gtk_1.0.2+cvs.2002.06.05-1woody2_arm.deb
      Size/MD5 checksum:  1533466 519589fac25720cb9932949a16e435e9
    http://security.debian.org/pool/updates/main/a/abiword/abiword-plugins_1.0.2+cvs.2002.06.05-1woody2_arm.deb
      Size/MD5 checksum:   154748 69f4844084b35e02af75d2350970ae5f

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2_i386.deb
      Size/MD5 checksum:    12316 56e899f5073f4ecf10b6cb29802da76f
    http://security.debian.org/pool/updates/main/a/abiword/abiword-common_1.0.2+cvs.2002.06.05-1woody2_i386.deb
      Size/MD5 checksum:   533908 f3d4e7035c0d0e9fcf6c53386f9305f6
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gnome_1.0.2+cvs.2002.06.05-1woody2_i386.deb
      Size/MD5 checksum:  1677628 bafc31f34a7f940268acb69e708db7c8
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gtk_1.0.2+cvs.2002.06.05-1woody2_i386.deb
      Size/MD5 checksum:  1491442 a87d8c81b54987eee14cfa5ad4cfa599
    http://security.debian.org/pool/updates/main/a/abiword/abiword-plugins_1.0.2+cvs.2002.06.05-1woody2_i386.deb
      Size/MD5 checksum:   219836 2de08d80c8581d9814047c11e41d98fc

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2_ia64.deb
      Size/MD5 checksum:    12326 16aae240a8308465fcc04e7f9697d64a
    http://security.debian.org/pool/updates/main/a/abiword/abiword-common_1.0.2+cvs.2002.06.05-1woody2_ia64.deb
      Size/MD5 checksum:   542536 e9fcc8cb137cde1015f854c6383e803f
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gnome_1.0.2+cvs.2002.06.05-1woody2_ia64.deb
      Size/MD5 checksum:  2121940 fb962d5debe790b0a9ea5da9b82f1500
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gtk_1.0.2+cvs.2002.06.05-1woody2_ia64.deb
      Size/MD5 checksum:  1939620 d84fc2069f1af2ce581f6a876179c567
    http://security.debian.org/pool/updates/main/a/abiword/abiword-plugins_1.0.2+cvs.2002.06.05-1woody2_ia64.deb
      Size/MD5 checksum:   311806 1664fc9ec9ed17f7c355aa2b27c9cb27

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2_hppa.deb
      Size/MD5 checksum:    12322 fbe7366ac7c2d84eaa840c29bb0f0870
    http://security.debian.org/pool/updates/main/a/abiword/abiword-common_1.0.2+cvs.2002.06.05-1woody2_hppa.deb
      Size/MD5 checksum:   537778 0e13ea49a4bf688b99297c6fa60ddbe0
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gnome_1.0.2+cvs.2002.06.05-1woody2_hppa.deb
      Size/MD5 checksum:  2039786 f91d12d4d6ba552a42cf4562d358f5f3
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gtk_1.0.2+cvs.2002.06.05-1woody2_hppa.deb
      Size/MD5 checksum:  1821044 ed470c31af565d3a836dbaed6b5956c9
    http://security.debian.org/pool/updates/main/a/abiword/abiword-plugins_1.0.2+cvs.2002.06.05-1woody2_hppa.deb
      Size/MD5 checksum:   195742 8f70554c0e9fab92c733e084ac435796

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2_m68k.deb
      Size/MD5 checksum:    12326 fda3aee08b6c7a36552c44c9e18dc2f3
    http://security.debian.org/pool/updates/main/a/abiword/abiword-common_1.0.2+cvs.2002.06.05-1woody2_m68k.deb
      Size/MD5 checksum:   533074 623de2757f85e5f40404ad7178600900
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gnome_1.0.2+cvs.2002.06.05-1woody2_m68k.deb
      Size/MD5 checksum:  1602602 71341f13227b14ebebbdab7307170e5e
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gtk_1.0.2+cvs.2002.06.05-1woody2_m68k.deb
      Size/MD5 checksum:  1416262 4123606f88103837cb0b1716e5332edc
    http://security.debian.org/pool/updates/main/a/abiword/abiword-plugins_1.0.2+cvs.2002.06.05-1woody2_m68k.deb
      Size/MD5 checksum:   199616 c8cbb04072b54b12e5d790d190ed5e20

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2_mips.deb
      Size/MD5 checksum:    12324 2a9e9d8590cbff7e6eae6210dcda5963
    http://security.debian.org/pool/updates/main/a/abiword/abiword-common_1.0.2+cvs.2002.06.05-1woody2_mips.deb
      Size/MD5 checksum:   536334 34b58292b19a97c7caf03fa8649f9588
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gnome_1.0.2+cvs.2002.06.05-1woody2_mips.deb
      Size/MD5 checksum:  1701150 4233b20af6d518aef680721c6e9d224f
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gtk_1.0.2+cvs.2002.06.05-1woody2_mips.deb
      Size/MD5 checksum:  1513420 4e9ff72a764e615974d97bd1078955b6
    http://security.debian.org/pool/updates/main/a/abiword/abiword-plugins_1.0.2+cvs.2002.06.05-1woody2_mips.deb
      Size/MD5 checksum:   205038 d02601a4bf14e98e8b43f0773b25e0c4

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2_mipsel.deb
      Size/MD5 checksum:    12322 33fbc540d53404e519a6696930e94193
    http://security.debian.org/pool/updates/main/a/abiword/abiword-common_1.0.2+cvs.2002.06.05-1woody2_mipsel.deb
      Size/MD5 checksum:   536470 367d3892a482f12e69f4a78ab94925b9
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gnome_1.0.2+cvs.2002.06.05-1woody2_mipsel.deb
      Size/MD5 checksum:  1663230 72a084359b72dbb54d77ccf5fc2dbc5f
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gtk_1.0.2+cvs.2002.06.05-1woody2_mipsel.deb
      Size/MD5 checksum:  1480868 f3e424b1b36eef3bcb52c422e36393ec
    http://security.debian.org/pool/updates/main/a/abiword/abiword-plugins_1.0.2+cvs.2002.06.05-1woody2_mipsel.deb
      Size/MD5 checksum:   202908 a145263d08da2e5dad0d611869180def

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2_powerpc.deb
      Size/MD5 checksum:    12316 e4d9763a95a99175919c1da05fbd35d7
    http://security.debian.org/pool/updates/main/a/abiword/abiword-common_1.0.2+cvs.2002.06.05-1woody2_powerpc.deb
      Size/MD5 checksum:   534710 596bbd310236e97c3d967ff6fac45e2a
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gnome_1.0.2+cvs.2002.06.05-1woody2_powerpc.deb
      Size/MD5 checksum:  1716300 a77a54353c0f17ae35f363931dae7d47
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gtk_1.0.2+cvs.2002.06.05-1woody2_powerpc.deb
      Size/MD5 checksum:  1527752 1d6a0d11fb0a4c0d59e3a84b9457964d
    http://security.debian.org/pool/updates/main/a/abiword/abiword-plugins_1.0.2+cvs.2002.06.05-1woody2_powerpc.deb
      Size/MD5 checksum:   211422 bdf81bbb6ad1e18ba5140a06d4ba6493

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2_s390.deb
      Size/MD5 checksum:    12322 41066489465b7dc84e7512a8b2467215
    http://security.debian.org/pool/updates/main/a/abiword/abiword-common_1.0.2+cvs.2002.06.05-1woody2_s390.deb
      Size/MD5 checksum:   535134 7bee77890a9237f6a45d44c9a6fa3fb0
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gnome_1.0.2+cvs.2002.06.05-1woody2_s390.deb
      Size/MD5 checksum:  1603758 13a836f504b4698bce96b010e6c6a1ef
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gtk_1.0.2+cvs.2002.06.05-1woody2_s390.deb
      Size/MD5 checksum:  1417836 da47311e33507bccba7da3ff9eb9a890
    http://security.debian.org/pool/updates/main/a/abiword/abiword-plugins_1.0.2+cvs.2002.06.05-1woody2_s390.deb
      Size/MD5 checksum:   203140 bdaa7fe49b1fb7097e9bf7d8fec42d5c

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/a/abiword/abiword_1.0.2+cvs.2002.06.05-1woody2_sparc.deb
      Size/MD5 checksum:    12326 af26ffe3a8a0c96f62f5a93003e11c77
    http://security.debian.org/pool/updates/main/a/abiword/abiword-common_1.0.2+cvs.2002.06.05-1woody2_sparc.deb
      Size/MD5 checksum:   537396 0b7459a387b34d02fcdf200948022936
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gnome_1.0.2+cvs.2002.06.05-1woody2_sparc.deb
      Size/MD5 checksum:  1656854 67a1f7d6d4cc1d0a2c120a61e9983ac2
    http://security.debian.org/pool/updates/main/a/abiword/abiword-gtk_1.0.2+cvs.2002.06.05-1woody2_sparc.deb
      Size/MD5 checksum:  1470270 36c383eec00251183eab2e4cd3add41d
    http://security.debian.org/pool/updates/main/a/abiword/abiword-plugins_1.0.2+cvs.2002.06.05-1woody2_sparc.deb
      Size/MD5 checksum:   193240 c86d477d0eda07aa9822817933b4413d


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBhluQW5ql+IAeqTIRAjbeAJsGBRyVSvrKZUO9dtjgpzmYnAY4dwCfc299
52DJk5yBb2HmbajeZBcOSew=
=sG2c
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F33774)

iDEFENSE Security Advisory 2004-07-09.t (PacketStormID:F33774)
2004-07-13 00:00:00
iDefense Labs  idefense.com
advisory,overflow
CVE-2004-0645
[点击下载]

iDEFENSE Security Advisory 07.09.04: The wv library has been found to contain a buffer overflow condition that can be exploited through a specially crafted document.

wvWare Library Buffer Overflow Vulnerability

iDEFENSE Security Advisory 07.09.04:

*I. BACKGROUND*

Caol    

- 漏洞信息

7761
wv Library Document DateTime Field Overflow
Remote / Network Access, Context Dependent Input Manipulation
Loss of Integrity Workaround, Patch / RCS
Exploit Private Vendor Verified, Coordinated Disclosure

- 漏洞描述

- 时间线

2004-07-09 Unknow
Unknow 2004-07-09

- 解决方案

Dom Lachowicz has released a patch to address this vulnerability. Additionally, it is possible to temporarily work around the flaw by implementing the following workaround: Only open documents from trusted sources, and disable HTML view when opening MS Word documents with applications utilizing the wv library.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

wvWare Library Field.c WVHANDLEDATETIMEPICTURE Function Remote Buffer Overflow Vulnerability
Boundary Condition Error 10699
Yes No
2004-07-09 12:00:00 2009-07-12 06:16:00
Discovery is credited to Karol Weisek.

- 受影响的程序版本

wvWare wvWare 1.0
wvWare wvWare 0.7.6
wvWare wvWare 0.7.5
wvWare wvWare 0.7.4
wvWare wvWare 0.7.1
wvWare wvWare 0.7
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Conectiva Linux 10.0
AbiSource Community AbiWord 2.0.7
AbiSource Community AbiWord 2.0.6
+ S.u.S.E. Linux Personal 9.2
AbiSource Community AbiWord 2.0.5
AbiSource Community AbiWord 2.0.4
AbiSource Community AbiWord 2.0.3
AbiSource Community AbiWord 1.0.4
+ RedHat Linux 9.0 i386
AbiSource Community AbiWord 1.0.2
AbiSource Community AbiWord 0.99.5
+ RedHat Linux 7.3 i386
AbiSource Community AbiWord 2.0.9
AbiSource Community AbiWord 2.0.8

- 不受影响的程序版本

AbiSource Community AbiWord 2.0.9
AbiSource Community AbiWord 2.0.8

- 漏洞讨论

wvWare is reported prone to a remote buffer overflow vulnerability that may allow attackers to execute arbitrary code on a vulnerable system in order to gain unauthorized access.

Successful exploit of this issue can allow a remote attacker to execute arbitrary code in the context of a vulnerable application.

This issue affects wvWare 0.7.4. Versions 0.7.5, 0.7.6 and 1.0.0 are also affected by a variant of this issue.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

A patch is available from the vendor to address this issue.

Debian Linux has released advisory DSA 579-1 along with fixes dealing with this issue. Please see the referenced advisory for more information.

Conectiva Linux has released advisory CLA-2004:863 and fixes to address this issue. Please see the referenced advisory for further information.

Gentoo has released an advisory (GLSA 200407-11) to address this issue. Please see the referenced advisory for more information. Gentoo users can carry out the following commands to update their computers:

emerge sync
emerge -pv ">=app-text/wv-1.0.0-r1"
emerge ">=app-text/wv-1.0.0-r1"

Fedora has released advisory FEDORA-2004-224 for Core 1 and FEDORA-2004-225 for Core 2 along with fixes dealing with this issue. Please see the referenced advisories for more information.

Mandrake Linux has released advisory MDKSA-2004:077 to address this issue. Please see the referenced advisory for further information.

Debian Linux has released advisory DSA 550-1 along with fixes dealing with this issue. Please see the referenced advisory for more information.

SuSE Linux has made an advisory available dealing with this issue.

Conectiva has released advisory CLA-2004:902 for abiword. Please see the attached advisory for details on obtaining and applying fixes.

A Fedora Legacy advisory FLSA:1906 is available to address this issue in abiword for Red Hat 7.3 i386 and 9.0 i386. Please see the referenced advisory for more information.


wvWare wvWare 0.7

wvWare wvWare 0.7.1

wvWare wvWare 0.7.4

wvWare wvWare 0.7.5

wvWare wvWare 0.7.6

AbiSource Community AbiWord 0.99.5

wvWare wvWare 1.0

AbiSource Community AbiWord 1.0.2

AbiSource Community AbiWord 1.0.4

AbiSource Community AbiWord 2.0.3

AbiSource Community AbiWord 2.0.4

AbiSource Community AbiWord 2.0.5

AbiSource Community AbiWord 2.0.6

AbiSource Community AbiWord 2.0.7

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站