CVE-2006-2197

Name of the Vulnerable Software and Affected Versions libwv2-dev versions prior to 0.2.3 libwv2-1 versions prior to 0.2.3

Description The issue is related to multiple vulnerabilities in the libwv2 package, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited by a remote attacker who has passed the authentication procedure. Specifically, an integer overflow in wv2 before version 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document.

Recommendations For versions prior to 0.2.3, update to version 0.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to crafted Microsoft Word documents until a patch is available. Avoid using the libwv2 package with untrusted input until the issue is resolved.