Submitted by KeesCook on Thu, 2005-09-29 12:03
Referenced CVEs:
CAN-2005-2964
Description:
===========================================================
Ubuntu Security Notice USN-188-1 September 29, 2005
abiword vulnerability
CAN-2005-2964
===========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

abiword
abiword-gnome

The problem can be corrected by upgrading the affected package to
version 2.0.7+cvs.2004.05.05-1ubuntu3.2 (for Ubuntu 4.10), or
2.2.2-1ubuntu2.1 (for Ubuntu 5.04). After a standard system upgrade
you need to restart AbiWord to effect the necessary changes.

Details follow:
Chris Evans discovered a buffer overflow in the RTF import module of
AbiWord. By tricking a user into opening an RTF file with specially
crafted long identifiers, an attacker could exploit this to execute
arbitrary code with the privileges of the AbiWord user.


