CVE-2004-0645

2004-08-0604:00:00

Debian Security Bug Tracker

security-tracker.debian.org

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.097

Percentile

94.8%

JSON

Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field.

OSVersionArchitecturePackageVersionFilename
Debian12allabiword< 2.0.8abiword_2.0.8_all.deb
Debian11allabiword< 2.0.8abiword_2.0.8_all.deb
Debian999allabiword< 2.0.8abiword_2.0.8_all.deb
Debian13allabiword< 2.0.8abiword_2.0.8_all.deb
Debian12allwv< 1.0.2-0.1wv_1.0.2-0.1_all.deb
Debian11allwv< 1.0.2-0.1wv_1.0.2-0.1_all.deb
Debian999allwv< 1.0.2-0.1wv_1.0.2-0.1_all.deb
Debian13allwv< 1.0.2-0.1wv_1.0.2-0.1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	abiword	< 2.0.8	abiword_2.0.8_all.deb
Debian	11	all	abiword	< 2.0.8	abiword_2.0.8_all.deb
Debian	999	all	abiword	< 2.0.8	abiword_2.0.8_all.deb
Debian	13	all	abiword	< 2.0.8	abiword_2.0.8_all.deb
Debian	12	all	wv	< 1.0.2-0.1	wv_1.0.2-0.1_all.deb
Debian	11	all	wv	< 1.0.2-0.1	wv_1.0.2-0.1_all.deb
Debian	999	all	wv	< 1.0.2-0.1	wv_1.0.2-0.1_all.deb
Debian	13	all	wv	< 1.0.2-0.1	wv_1.0.2-0.1_all.deb