aboutsummaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorRemko Lodder <remko@FreeBSD.org>2006-02-20 14:29:51 +0000
committerRemko Lodder <remko@FreeBSD.org>2006-02-20 14:29:51 +0000
commit3073642d70d23b5800cab6e5d1c73ecf0d78e682 (patch)
tree28ab1ece1d0aeb294e735c9fde5873b32daa0895 /security
parent9d45c27a39c313749d2c4be1047e46becdfb0c42 (diff)
downloadports-3073642d70d23b5800cab6e5d1c73ecf0d78e682.tar.gz
ports-3073642d70d23b5800cab6e5d1c73ecf0d78e682.zip
Notes
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml30
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 4d18d7ba79b6..0d5746bd032f 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,36 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="9cd52bc6-a213-11da-b410-000e0c2e438a">
+ <topic>abiword -- stack based buffer overflow vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>abiword</name>
+ <range><lt>2.2.11</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Chris Evans reports that AbiWord is vulnerable to multiple
+ stack-based buffer overflow vulnerabilities. This
+ is caused by improper checking of the user-supplied data
+ before it is being copied to an too small buffer. The
+ vulnerability is triggered when someone is importing RTF
+ files.</p>
+ </body>
+ </description>
+ <references>
+ <bid>15096</bid>
+ <cvename>CAN-2005-2972</cvename>
+ <url>http://scary.beasts.org/security/CESA-2005-006.txt</url>
+ <url>http://www.abisource.com/changelogs/2.2.11.phtml</url>
+ </references>
+ <dates>
+ <discovery>2005-10-14</discovery>
+ <entry>2006-02-20</entry>
+ </dates>
+ </vuln>
+
<vuln vid="17c2a61e-a20b-11da-b410-000e0c2e438a">
<topic>pinentry -- local privilege escalation</topic>
<affects>