UnRTF: Buffer overflow — GLSA 200501-15

A buffer overflow in UnRTF allows an attacker to execute arbitrary code by way of a specially crafted RTF file.

Affected Packages

app-text/unrtf on all architectures
Affected versions < 0.19.3-r1
Unaffected versions >= 0.19.3-r1

Background

UnRTF is a utility to convert files in the Rich Text Format into other formats.

Description

An unchecked strcat() in unrtf may overflow the bounds of a static buffer.

Impact

Using a specially crafted file, possibly delivered by e-mail or over the web, an attacker may execute arbitrary code with the permissions of the user running UnRTF.

Workaround

There is no known workaround at this time.

Resolution

All unrtf users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-text/unrtf-0.19.3-r1"

References

Release Date
January 10, 2005

Latest Revision
January 10, 2005: 01

Severity
normal

Exploitable
remote

Bugzilla entries