CVE-2005-2972

Name of the Vulnerable Software and Affected Versions AbiWord versions prior to 2.2.11

Description The issue is related to multiple stack-based buffer overflows in the RTF import feature. This occurs when handling long identifiers in RTF files, which are not properly handled in certain functions. The affected functions include ParseLevelText, getCharsInsideBrace, HandleLists, and HandleAbiLists in the file ie imp RTF.cpp. This allows user-assisted attackers to execute arbitrary code.

Recommendations For AbiWord versions prior to 2.2.11, update to version 2.2.11 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the RTF import feature until a patch is applied. Restrict access to RTF files from untrusted sources to minimize the risk of exploitation.