CVE-2007-1466

2007-03-16 22:19:00 2018-10-16 18:38:37

Integer overflow in the WP6GeneralTextPacket::_readContents function in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file, a different vulnerability than CVE-2007-0002.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Sourceforge Wordperfect document importer-exporter 0.8.8 (not an official CPE)

Sourceforge - Wordperfect document importer-exporter

Advisory	Patch	Confirmed	Link
			ADV-2007-0976
			USN-437-1
			1017789
			20070316 rPSA-2007-0057-1 libwpd
			23006
			RHSA-2007:0055
			MDKSA-2007:064
			RHSA-2007:0033
			MDKSA-2007:063
			102863
			DSA-1268
			GLSA-200704-07
			http://sourceforge.net/project/shownotes.php?release_id=...
			20070316 Multiple Vendor libwpd Multiple Buffer Overflow...
			FEDORA-2007-350

Numeric Errors (ID 189)

Related CVE(s) 1 CVE-2007-0002 CVSS 9.3