==========================================================Ubuntu Security Notice USN-188-1 September 29, 2005
abiword vulnerability CAN-2005-2964
A security issue affects the following Ubuntu releases:
The problem can be corrected by upgrading the affected package to
version 2.0.7+cvs.2004.05.05-1ubuntu3.2 (for Ubuntu 4.10), or
2.2.2-1ubuntu2.1 (for Ubuntu 5.04). After a standard system upgrade
you need to restart AbiWord to effect the necessary changes.
Chris Evans discovered a buffer overflow in the RTF import module of
AbiWord. By tricking a user into opening an RTF file with specially
crafted long identifiers, an attacker could exploit this to execute
arbitrary code with the privileges of the AbiWord user.