Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.58231
Category:Turbolinux Local Security Tests
Title:Turbolinux TLSA-2007-27 (libwpd)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to libwpd
announced via advisory TLSA-2007-27.

libwpd is a C++ library designed to help process WordPerfect documents. It
is most commonly used to import WordPerfect documents into other word processors
(see below), but may be useful in other cases as well.

Multiple heap-based buffer overflows in WordPerfect Document importer/exporter.

Memote attackers to cause a denial of service (application crash) and possibly
execute arbitrary code via a crafted WordPerfect file via values to loop
counters that are not properly handled.

Solution: Please use the turbopkg (zabom) tool to apply the update.
http://www.securityspace.com/smysecure/catid.html?in=TLSA-2007-27

Risk factor : Critical

CVSS Score:
9.3

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-0002
BugTraq ID: 23006
http://www.securityfocus.com/bid/23006
Bugtraq: 20070316 rPSA-2007-0057-1 libwpd (Google Search)
http://www.securityfocus.com/archive/1/463033/100/0/threaded
Debian Security Information: DSA-1268 (Google Search)
http://www.debian.org/security/2007/dsa-1268
Debian Security Information: DSA-1270 (Google Search)
http://www.debian.org/security/2007/dsa-1270
http://fedoranews.org/cms/node/2805
http://security.gentoo.org/glsa/glsa-200704-07.xml
http://www.gentoo.org/security/en/glsa/glsa-200704-12.xml
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=490
http://www.mandriva.com/security/advisories?name=MDKSA-2007:063
http://www.mandriva.com/security/advisories?name=MDKSA-2007:064
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11535
http://www.redhat.com/support/errata/RHSA-2007-0055.html
http://www.securitytracker.com/id?1017789
http://secunia.com/advisories/24465
http://secunia.com/advisories/24507
http://secunia.com/advisories/24557
http://secunia.com/advisories/24572
http://secunia.com/advisories/24573
http://secunia.com/advisories/24580
http://secunia.com/advisories/24581
http://secunia.com/advisories/24588
http://secunia.com/advisories/24591
http://secunia.com/advisories/24593
http://secunia.com/advisories/24613
http://secunia.com/advisories/24794
http://secunia.com/advisories/24856
http://secunia.com/advisories/24906
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.399659
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102863-1
SuSE Security Announcement: SUSE-SA:2007:023 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0007.html
http://www.ubuntu.com/usn/usn-437-1
http://www.vupen.com/english/advisories/2007/0976
http://www.vupen.com/english/advisories/2007/1032
http://www.vupen.com/english/advisories/2007/1339
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.