CVE-2007-0002
Last modified
CVE-2007-0002 is a vulnerability of currently unknown severity. Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not properly handled in the (1) WP3TablesGroup::_readContents and (2) WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup functions. NOTE: the integer overflow has been split into CVE-2007-1466.. EPSS estimates a 6.72% chance of exploitation in the next 30 days.
Description
Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not properly handled in the (1) WP3TablesGroup::_readContents and (2) WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup functions. NOTE: the integer overflow has been split into CVE-2007-1466.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Libwpd | Libwpd Library | <= 0.8.8 |
| Libwpd | Libwpd Library | 0.8.2 |
| Libwpd | Libwpd Library | 0.8.6 |
| Libwpd | Libwpd Library | 0.8.7 |
References
- http://secunia.com/advisories/24465Vendor Advisory
- http://secunia.com/advisories/24507Vendor Advisory
- http://secunia.com/advisories/24557Vendor Advisory
- http://secunia.com/advisories/24572Vendor Advisory
- http://secunia.com/advisories/24573Vendor Advisory
- http://secunia.com/advisories/24580Vendor Advisory
- http://secunia.com/advisories/24581Vendor Advisory
- http://secunia.com/advisories/24588Vendor Advisory
- http://secunia.com/advisories/24591Vendor Advisory
- http://secunia.com/advisories/24593Vendor Advisory
- http://secunia.com/advisories/24613Vendor Advisory
- http://secunia.com/advisories/24794Vendor Advisory
- http://secunia.com/advisories/24856Vendor Advisory
- http://secunia.com/advisories/24906Vendor Advisory
- http://www.redhat.com/support/errata/RHSA-2007-0055.htmlVendor Advisory
- http://www.vupen.com/english/advisories/2007/0976Vendor Advisory
- http://www.vupen.com/english/advisories/2007/1032Vendor Advisory
- http://www.vupen.com/english/advisories/2007/1339Vendor Advisory
- http://secunia.com/advisories/24465Vendor Advisory
- http://secunia.com/advisories/24507Vendor Advisory
- http://secunia.com/advisories/24557Vendor Advisory
- http://secunia.com/advisories/24572Vendor Advisory
- http://secunia.com/advisories/24573Vendor Advisory
- http://secunia.com/advisories/24580Vendor Advisory
- http://secunia.com/advisories/24581Vendor Advisory
- http://secunia.com/advisories/24588Vendor Advisory
- http://secunia.com/advisories/24591Vendor Advisory
- http://secunia.com/advisories/24593Vendor Advisory
- http://secunia.com/advisories/24613Vendor Advisory
- http://secunia.com/advisories/24794Vendor Advisory
- http://secunia.com/advisories/24856Vendor Advisory
- http://secunia.com/advisories/24906Vendor Advisory
- http://www.redhat.com/support/errata/RHSA-2007-0055.htmlVendor Advisory
- http://www.vupen.com/english/advisories/2007/0976Vendor Advisory
- http://www.vupen.com/english/advisories/2007/1032Vendor Advisory
- http://www.vupen.com/english/advisories/2007/1339Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2007-0002?
How severe is CVE-2007-0002?
How do I fix CVE-2007-0002?
Are you affected by CVE-2007-0002?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST