Slackware Advisory SSA:2005-310-02 KOffice/KWord Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2005-310-02.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2005-310-02

Insight

New KOffice packages are available for Slackware 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue with KWord. A buffer overflow in the RTF import functionality could result in the execution of arbitrary code. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2971

Severity

Classification

CVE CVE-2005-2971
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Slackware Advisory SSA:2004-026-01 GAIM security update
Slackware Advisory SSA:2004-111-01 xine security update
Slackware Advisory SSA:2006-045-09 xpdf
Slackware Advisory SSA:2005-203-04 gxine format string vulnerability
Slackware Advisory SSA:2004-305-01 apache+mod_ssl

Take action and discover your vulnerabilities