DEBIAN-CVE-2005-2972

Source
https://security-tracker.debian.org/tracker/CVE-2005-2972
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2005-2972.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2005-2972
Upstream
Published
2005-10-23T10:02:00Z
Modified
2025-09-19T06:05:56Z
Summary
[none]
Details

Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the (1) ParseLevelText, (2) getCharsInsideBrace, (3) HandleLists, (4) or (5) HandleAbiLists functions in ie_imp_RTF.cpp, a different vulnerability than CVE-2005-2964.

References

Affected packages

Debian:11 / abiword

Package

Name
abiword
Purl
pkg:deb/debian/abiword?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.1-1

Ecosystem specific

{
    "urgency": "medium"
}

Debian:12 / abiword

Package

Name
abiword
Purl
pkg:deb/debian/abiword?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.1-1

Ecosystem specific

{
    "urgency": "medium"
}

Debian:13 / abiword

Package

Name
abiword
Purl
pkg:deb/debian/abiword?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.1-1

Ecosystem specific

{
    "urgency": "medium"
}

Debian:14 / abiword

Package

Name
abiword
Purl
pkg:deb/debian/abiword?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.1-1

Ecosystem specific

{
    "urgency": "medium"
}