CVE-2005-2964 — HIGH (7.5) — White Hats Nepal

Q: What is CVE-2005-2964?

CVE-2005-2964 is a vulnerability with a CVSS score of 7.5 (HIGH). Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism.

Q: How severe is CVE-2005-2964?

CVE-2005-2964 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2005-2964?

Check the references section above for vendor advisories and patch information. Affected products include: Abisource Community Abiword.

Vulnerability Description

Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Abisource	Community Abiword	<= 2.2.9

References

http://secunia.com/advisories/16982
http://secunia.com/advisories/16990
http://secunia.com/advisories/17012
http://secunia.com/advisories/17052
http://secunia.com/advisories/17070
http://secunia.com/advisories/17215
http://secunia.com/advisories/17551
http://securitytracker.com/id?1014982
http://www.abiword.org/release-notes/2.2.10.phtmlPatch
http://www.debian.org/security/2005/dsa-894
http://www.gentoo.org/security/en/glsa/glsa-200509-20.xml
http://www.gentoo.org/security/en/glsa/glsa-200510-04.xml
http://www.novell.com/linux/security/advisories/2005_23_sr.html
http://www.osvdb.org/19717
http://www.securityfocus.com/bid/14971

FAQ

What is CVE-2005-2964?

CVE-2005-2964 is a vulnerability with a CVSS score of 7.5 (HIGH). Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism.

How severe is CVE-2005-2964?

CVE-2005-2964 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-2964?

Check the references section above for vendor advisories and patch information. Affected products include: Abisource Community Abiword.