CVE-2004-0645
abiword - buffer overflow
EPSS 10.6%
Description
Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field.
How to fix CVE-2004-0645
To remediate CVE-2004-0645, upgrade the affected package to a fixed version below.
- Debian/abiword—upgrade to 2.0.8 or later
- Debian/abiword—upgrade to 1.0.2+cvs.2002.06.05-1woody2 or later
- Debian/wv—upgrade to 1.0.2-0.1 or later
- —upgrade to 0.7.1+rvt-2woody3 or later
Is CVE-2004-0645 being exploited?
Moderate — EPSS is 10.6%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (4)
- from 0, < 2.0.8
- from 0, < 1.0.2+cvs.2002.06.05-1woody2
- from 0, < 1.0.2-0.1
- from 0, < 0.7.1+rvt-2woody3