Unrated severityNVD Advisory· Published Mar 16, 2007· Updated Apr 23, 2026

CVE-2007-0002

Description

Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not properly handled in the (1) WP3TablesGroup::_readContents and (2) WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup functions. NOTE: the integer overflow has been split into CVE-2007-1466.

Affected products

Libwpd/Libwpd Library4 versions
cpe:2.3:a:libwpd:libwpd_library:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:libwpd:libwpd_library:*:*:*:*:*:*:*:*range: <=0.8.8
- cpe:2.3:a:libwpd:libwpd_library:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:libwpd:libwpd_library:0.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:libwpd:libwpd_library:0.8.7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/24465nvdVendor Advisory
secunia.com/advisories/24507nvdVendor Advisory
secunia.com/advisories/24557nvdVendor Advisory
secunia.com/advisories/24572nvdVendor Advisory
secunia.com/advisories/24573nvdVendor Advisory
secunia.com/advisories/24580nvdVendor Advisory
secunia.com/advisories/24581nvdVendor Advisory
secunia.com/advisories/24588nvdVendor Advisory
secunia.com/advisories/24591nvdVendor Advisory
secunia.com/advisories/24593nvdVendor Advisory
secunia.com/advisories/24613nvdVendor Advisory
secunia.com/advisories/24794nvdVendor Advisory
secunia.com/advisories/24856nvdVendor Advisory
secunia.com/advisories/24906nvdVendor Advisory
www.redhat.com/support/errata/RHSA-2007-0055.htmlnvdVendor Advisory
www.vupen.com/english/advisories/2007/0976nvdVendor Advisory
www.vupen.com/english/advisories/2007/1032nvdVendor Advisory
www.vupen.com/english/advisories/2007/1339nvdVendor Advisory
fedoranews.org/cms/node/2805nvd
labs.idefense.com/intelligence/vulnerabilities/display.phpnvd
lists.suse.com/archive/suse-security-announce/2007-Mar/0007.htmlnvd
security.gentoo.org/glsa/glsa-200704-07.xmlnvd
slackware.com/security/viewer.phpnvd
sourceforge.net/project/shownotes.phpnvd
sunsolve.sun.com/search/document.donvd
www.debian.org/security/2007/dsa-1268nvd
www.debian.org/security/2007/dsa-1270nvd
www.gentoo.org/security/en/glsa/glsa-200704-12.xmlnvd
www.mandriva.com/security/advisoriesnvd
www.mandriva.com/security/advisoriesnvd
www.securityfocus.com/archive/1/463033/100/0/threadednvd
www.securityfocus.com/bid/23006nvd
www.securitytracker.com/idnvd
www.ubuntu.com/usn/usn-437-1nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11535nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000