Mandriva Linux Security Update Advisory - Chris Evans reported a heap based buffer overflow in the RTF importer of KWord. An attacker could provide a specially crafted RTF file, which when opened in KWord can cause execution of arbitrary code
7a3183c390645fecb2cac0f42f9b73b4f054919dbc1eb75ea65cc15ca3e7262d
Gentoo Linux Security Advisory GLSA 200510-12 - Chris Evans discovered that the KWord RTF importer was vulnerable to a heap-based buffer overflow. Versions less than 1.4.1-r1 are affected.
43aa5977d57f188c2ea992007cfc6328fca1d1164de0d60cb67f9293f0e5bb14
Ubuntu Security Notice USN-202-1 - Chris Evans discovered a buffer overflow in the RTF import module of KOffice. By tricking a user into opening a specially-crafted RTF file, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user.
f8b85ebd07bd53ffebda5ad4703f778252dea2abc1f22e9b5e7ecfec9dc290c5
KDE Security Advisory: Chris Evans reported a heap based buffer overflow in the RTF importer of KWord. Opening specially crafted RTF files in KWord can cause execution of arbitrary code. Affected are all KOffice releases starting from KOffice 1.2.0 up to and including KOffice 1.4.1.
d4ff9986f62282d33972361b743f867876d6b8bc485e2d9d18a63c4368ccba80