Test ID:	1.3.6.1.4.1.25623.1.0.55645
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2005:185 (koffice)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to koffice announced via advisory MDKSA-2005:185. Chris Evans reported a heap based buffer overflow in the RTF importer of KWord. An attacker could provide a specially crafted RTF file, which when opened in KWord can cause execution of abitrary code. The updated packages are patched to deal with these issues. Affected versions: 10.2, 2006.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:185 Risk factor : High CVSS Score: 7.5
Cross-Ref:	BugTraq ID: 15060 Common Vulnerability Exposure (CVE) ID: CVE-2005-2971 http://www.securityfocus.com/bid/15060 Debian Security Information: DSA-872 (Google Search) http://www.debian.org/security/2005/dsa-872 http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00042.html http://www.gentoo.org/security/en/glsa/glsa-200510-12.xml http://scary.beasts.org/security/CESA-2005-005.txt http://securitytracker.com/id?1015035 http://secunia.com/advisories/17145/ http://secunia.com/advisories/17171 http://secunia.com/advisories/17190 http://secunia.com/advisories/17212 http://secunia.com/advisories/17332 http://secunia.com/advisories/17480 http://secunia.com/advisories/17486 http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.388487 SuSE Security Announcement: SUSE-SR:2005:025 (Google Search) http://www.novell.com/linux/security/advisories/2005_25_sr.html https://usn.ubuntu.com/202-1/ XForce ISS Database: koffice-kword-rtf-importer-bo(22562) https://exchange.xforce.ibmcloud.com/vulnerabilities/22562
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.