S-177: Vulnerabilities in Microsoft Works File Converter

02-13-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

S-177: Vulnerabilities in Microsoft Works File Converter

A remote code vulnerability exists in Microsoft Works File Converter due to the way that it improperly validates: 1) section length headers with the .wps format; 2) section header index table information with the .wps file format; and 3) various field lengths information with the .wps file format. The risk is MEDIUM. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

Font::TTF::Cmap(3) User Contributed Perl Documentation Font::TTF::Cmap(3) NAME
Font::TTF::Cmap - Character map table DESCRIPTION
Looks after the character map. For ease of use, the actual cmap is held in a hash against codepoint. Thus for a given table: $gid = $font->{'cmap'}{'Tables'}[0]{'val'}{$code}; Note that $code should be a true value (0x1234) rather than a string representation. INSTANCE VARIABLES
The instance variables listed here are not preceeded by a space due to their emulating structural information in the font. Num Number of subtables in this table Tables An array of subtables ([0..Num-1]) Each subtables also has its own instance variables which are, again, not preceeded by a space. Platform The platform number for this subtable Encoding The encoding number for this subtable Format Gives the stored format of this subtable Ver Gives the version (or language) information for this subtable val A hash keyed by the codepoint value (not a string) storing the glyph id METHODS
$t->read Reads the cmap into memory. Format 4 subtables read the whole subtable and fill in the segmented array accordingly. $t->ms_lookup($uni) Finds a Unicode table, giving preference to the MS one, and looks up the given Unicode codepoint in it to find the glyph id. $t->find_ms Finds the a Unicode table, giving preference to the Microsoft one, and sets the "mstable" instance variable to it if found. Returns the table it finds. $t->ms_enc Returns the encoding of the microsoft table (0 => symbol, etc.). Returns undef if there is no Microsoft cmap. $t->out($fh) Writes out a cmap table to a filehandle. If it has not been read, then just copies from input file to output $t->XML_element($context, $depth, $name, $val) Outputs the elements of the cmap in XML. We only need to process val here $t->update Tidies the cmap table. Removes MS Fmt12 cmap if it is no longer needed. Removes from all cmaps any codepoint that map to GID=0. Note that such entries will be re-introduced as necessary depending on the cmap format. @map = $t->reverse(%opt) Returns a reverse map of the Unicode cmap. I.e. given a glyph gives the Unicode value for it. Options are: tnum Table number to use rather than the default Unicode table array Returns each element of reverse as an array since a glyph may be mapped by more than one Unicode value. The arrays are unsorted. Otherwise store any one unicode value for a glyph. is_unicode($index) Returns whether the table of a given index is known to be a unicode table (as specified in the specifications) BUGS
o No support for format 2 tables (MBCS) AUTHOR
Martin Hosken Martin_Hosken@sil.org. See Font::TTF::Font for copyright and licensing. perl v5.16.3 2012-02-23 Font::TTF::Cmap(3)

Security Advisories (RSS)

S-177: Vulnerabilities in Microsoft Works File Converter

LEARN ABOUT CENTOS

font::ttf::cmap