GLSA-200501-15 : UnRTF: Buffer overflow
Medium Nessus Plugin ID 16406
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200501-15 (UnRTF: Buffer overflow)
An unchecked strcat() in unrtf may overflow the bounds of a static buffer.
Using a specially crafted file, possibly delivered by e-mail or over the web, an attacker may execute arbitrary code with the permissions of the user running UnRTF.
There is no known workaround at this time.
SolutionAll unrtf users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=app-text/unrtf-0.19.3-r1'