HTTP: Multiple Vendor libwpd WP3TablesGroup Heap Overflow
This signature detects attempts to exploit a known buffer overflow vulnerability in open source WordPerfect Document Importer/Exporter (libwpd) library. It is due to improper boundary check when processing crafted WordPerfect documents. An attacker can exploit this vulnerability by persuading a victim to open a specially crafted WordPerfect (WPD) document. Successful exploitation of this vulnerability may lead to arbitrary code execution in the context of the currently logged in user. In an attack scenario, where arbitrary code is attempted to be injected and executed on the target machine, the behaviour of the target is dependent on the intention of the malicious code. If such an attack fails to execute successfully, the application using the vulnerable component may terminate as a result of the exploitation.
Extended Description
The libwpd library is prone to multiple buffer-overflow vulnerabilities because it fails to adequately check boundaries on user-supplied input. A successful exploit could let a remote attacker execute arbitrary code in the context of an application using the affected library. This issue affects libwpd 0.8.7; other versions prior to 0.8.9 may also be affected.
Affected Products
Debian linux
Short Name
HTTP:STC:DL:WPD-WP3-TABLE-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2007-0002 Heap Multiple Overflow Vendor WP3TablesGroup bid:23006 libwpd
Release Date
07/26/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Red_hat
Suse
Libwpd
Gentoo
Sun
Rpath
Turbolinux
Sgi
Pardus
Slackware
Ubuntu
Mandriva
Foresight_linux
Debian
CVSS Score
9.3