About Ubuntu

=========================================================== Ubuntu Security Notice USN-203-1 October 13, 2005 abiword vulnerabilities CAN-2005-2972 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: abiword The problem can be corrected by upgrading the affected package to version 2.0.7+cvs.2004.05.05-1ubuntu3.3 (for Ubuntu 4.10), or 2.2.2-1ubuntu2.2 (for Ubuntu 5.04). After a standard system upgrade you have to restart Abiword to effect the necessary changes. Details follow: Chris Evans discovered several buffer overflows in the RTF import module of AbiWord. By tricking a user into opening an RTF file with specially crafted long identifiers, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user.