blob: 5082046fd21a6c62bb67a4c395a8aa0bac87869b [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200501-15">
<title>UnRTF: Buffer overflow</title>
A buffer overflow in UnRTF allows an attacker to execute arbitrary code by
way of a specially crafted RTF file.
<product type="ebuild">app-text/unrtf</product>
<announced>January 10, 2005</announced>
<revised>January 10, 2005: 01</revised>
<package name="app-text/unrtf" auto="yes" arch="*">
<unaffected range="ge">0.19.3-r1</unaffected>
<vulnerable range="lt">0.19.3-r1</vulnerable>
UnRTF is a utility to convert files in the Rich Text Format into
other formats.
An unchecked strcat() in unrtf may overflow the bounds of a static
<impact type="normal">
Using a specially crafted file, possibly delivered by e-mail or
over the web, an attacker may execute arbitrary code with the
permissions of the user running UnRTF.
There is no known workaround at this time.
All unrtf users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=app-text/unrtf-0.19.3-r1&quot;</code>
<uri link="">Original Announcement</uri>
<metadata tag="requester" timestamp="Sat, 8 Jan 2005 19:54:59 +0000">
<metadata tag="bugReady" timestamp="Sat, 8 Jan 2005 19:55:37 +0000">
<metadata tag="submitter" timestamp="Sun, 9 Jan 2005 05:15:13 +0000">