CVE ID:	CVE-2005-2972
Description:	Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the (1) ParseLevelText, (2) getCharsInsideBrace, (3) HandleLists, (4) or (5) HandleAbiLists functions in ie_imp_RTF.cpp, a different vulnerability than CVE-2005-2964.
Test IDs:	1.3.6.1.4.1.25623.1.0.55633   1.3.6.1.4.1.25623.1.0.56317   1.3.6.1.4.1.25623.1.0.55632   1.3.6.1.4.1.25623.1.0.55712
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2972 http://scary.beasts.org/security/CESA-2005-006.txt http://www.mail-archive.com/debian-bugs-rc@lists.debian.org/msg28251.html Debian Security Information: DSA-894 (Google Search) http://www.debian.org/security/2005/dsa-894 http://www.gentoo.org/security/en/glsa/glsa-200510-17.xml http://www.ubuntulinux.org/support/documentation/usn/usn-203-1 BugTraq ID: 15096 http://www.securityfocus.com/bid/15096 http://www.vupen.com/english/advisories/2005/2086 http://www.osvdb.org/20015 http://secunia.com/advisories/17199 http://secunia.com/advisories/17200 http://secunia.com/advisories/17213 http://secunia.com/advisories/17264 http://secunia.com/advisories/17551

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: