CVE-2005-2972

N/A Unknown

Published: October 23, 2005 Modified: April 16, 2026

Description

Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the (1) ParseLevelText, (2) getCharsInsideBrace, (3) HandleLists, (4) or (5) HandleAbiLists functions in ie_imp_RTF.cpp, a different vulnerability than CVE-2005-2964.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://scary.beasts.org/security/CESA-2005-006.txt

Source: secalert@redhat.com

Exploit Vendor Advisory

http://secunia.com/advisories/17199

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/17200

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/17213

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/17264

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/17551

Source: secalert@redhat.com

Vendor Advisory

http://www.abisource.com/changelogs/2.2.11.phtml

Source: secalert@redhat.com

http://www.debian.org/security/2005/dsa-894

Source: secalert@redhat.com

http://www.gentoo.org/security/en/glsa/glsa-200510-17.xml

Source: secalert@redhat.com

Patch Vendor Advisory

http://www.mail-archive.com/debian-bugs-rc%40lists.debian.org/msg28251.html

Source: secalert@redhat.com

http://www.osvdb.org/20015

Source: secalert@redhat.com

http://www.securityfocus.com/bid/15096

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2005/2086

Source: secalert@redhat.com

Vendor Advisory

https://usn.ubuntu.com/203-1/

Source: secalert@redhat.com

http://scary.beasts.org/security/CESA-2005-006.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit Vendor Advisory

http://secunia.com/advisories/17199

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/17200

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/17213

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/17264

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/17551

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.abisource.com/changelogs/2.2.11.phtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2005/dsa-894

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gentoo.org/security/en/glsa/glsa-200510-17.xml

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.mail-archive.com/debian-bugs-rc%40lists.debian.org/msg28251.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/20015

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/15096

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2005/2086

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://usn.ubuntu.com/203-1/

Source: af854a3a-2127-422b-91ae-364da2661108

28 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

2.7%

86th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

abisource

Related CVEs

CVE-2026-41907 N/A

CVE-2026-41894 N/A

CVE-2026-41492 9.8

CVE-2026-41421 8.8

CVE-2026-41419 7.6