>> wvWare wv2 Word Document Handling Client-Side Integer Overflow Vulnerability
Title : wvWare wv2 Word Document Handling Client-Side Integer Overflow Vulnerability VUPEN ID : VUPEN/ADV-2006-2350 CVE ID : CVE-2006-2197
Rated as : High Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2006-06-14
Technical Description
A vulnerability has been identified in wvWare wv2, which could be exploited by attackers to compromise a vulnerable system. This flaw is due to an integer overflow error in the "word_helper.h" file that does not properly handle malformed Word documents, which could be exploited by attackers to execute arbitrary commands by tricking a user into opening a specially crafted document using an application linked against a vulnerable library.
