Bug#292002: "Decrypt::makeFileKey2()" Buffer Overflow

To: Submit BTS <submit@bugs.debian.org>
Cc: security@debian.org
Subject: Bug#292002: "Decrypt::makeFileKey2()" Buffer Overflow
From: Luciano Bello <lbello@arcert.gov.ar>
Date: Mon, 24 Jan 2005 11:14:57 -0300
Message-id: <[🔎] 1106576098.1389.47.camel@clementina.arcert.gov.ar>
Reply-to: Luciano Bello <lbello@arcert.gov.ar>, 292002@bugs.debian.org

Package: kpdf
Version: 3.x
Severity: grave
Tags: security patch

TITLE:
KOffice "Decrypt::makeFileKey2()" Buffer Overflow

SECUNIA ADVISORY ID:
SA13934

VERIFY ADVISORY:
http://secunia.com/advisories/13934/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
>From remote

SOFTWARE:
KOffice 1.x
http://secunia.com/product/4155/

DESCRIPTION:
A vulnerability has been reported in KOffice, which can be exploited
by malicious people to compromise a user's system.

For more information:
SA13903

The vulnerability has been reported in versions 1.3 through 1.3.5.

SOLUTION:
Apply patch.

KOffice 1.3.5:
ftp://ftp.kde.org/pub/kde/security_patches/post-1.3.5-koffice.diff

ORIGINAL ADVISORY:
http://www.kde.org/info/security/advisory-20050120-1.txt

OTHER REFERENCES:
SA13903:
http://secunia.com/advisories/13903/

Reply to:

Follow-Ups:
- Bug#292002: marked as done ("Decrypt::makeFileKey2()" Buffer Overflow)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#292002: "Decrypt::makeFileKey2()" Buffer Overflow
  - From: Ben Burton <bab@debian.org>

Prev by Date: Bug#291994: marked as done ("Decrypt::makeFileKey2()" Buffer Overflow)
Next by Date: Bug#286476: solved
Previous by thread: Bug#292000: marked as done (installation of package version kdm_4%3a3.3.2-1_i386.deb fails with debconf error)
Next by thread: Bug#292002: marked as done ("Decrypt::makeFileKey2()" Buffer Overflow)
Index(es):
- Date
- Thread