==========================================================Ubuntu Security Notice USN-203-1 October 13, 2005
abiword vulnerabilities CAN-2005-2972
A security issue affects the following Ubuntu releases:
The problem can be corrected by upgrading the affected package to
version 2.0.7+cvs.2004.05.05-1ubuntu3.3 (for Ubuntu 4.10), or
2.2.2-1ubuntu2.2 (for Ubuntu 5.04). After a standard system upgrade
you have to restart Abiword to effect the necessary changes.
Chris Evans discovered several buffer overflows in the RTF import
module of AbiWord. By tricking a user into opening an RTF file with
specially crafted long identifiers, an attacker could exploit this to
execute arbitrary code with the privileges of the AbiWord user.