CVE-2007-1466

Name of the Vulnerable Software and Affected Versions libwpd versions prior to 0.8.9

Description The issue is related to an integer overflow in the WP6GeneralTextPacket:: readContents function in the WordPerfect Document importer/exporter. This can be exploited by user-assisted remote attackers using a crafted WordPerfect file, potentially leading to a denial of service (application crash) and possibly the execution of arbitrary code.

Recommendations For versions prior to 0.8.9, update to version 0.8.9 or later to resolve the issue. As a temporary workaround, consider restricting the use of the WordPerfect Document importer/exporter until a patch is applied. Avoid opening crafted WordPerfect files with the affected software until the issue is resolved.