Launchpad.net

CVE 2008-2149

Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end.

Related bugs and status

CVE-2008-2149 (Candidate) is related to these bugs:

Bug #267067: [CVE-2008-2149] wordnet 2.0, 2.1, 3 affected by multiple buffer overflows

		In	Importance	Status
267067	[CVE-2008-2149] wordnet 2.0, 2.1, 3 affected by multiple buffer overflows	wordnet (Ubuntu)	Undecided	Fix Released
267067	[CVE-2008-2149] wordnet 2.0, 2.1, 3 affected by multiple buffer overflows	wordnet (Debian)	Unknown	Fix Released
267067	[CVE-2008-2149] wordnet 2.0, 2.1, 3 affected by multiple buffer overflows	wordnet (Ubuntu Hardy)	Undecided	Fix Released
267067	[CVE-2008-2149] wordnet 2.0, 2.1, 3 affected by multiple buffer overflows	wordnet (Ubuntu Intrepid)	Undecided	Fix Released
267067	[CVE-2008-2149] wordnet 2.0, 2.1, 3 affected by multiple buffer overflows	wordnet (Ubuntu Gutsy)	Undecided	Won't Fix
267067	[CVE-2008-2149] wordnet 2.0, 2.1, 3 affected by multiple buffer overflows	wordnet (Ubuntu Feisty)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugs.gentoo.or...
BID: 29208
SECUNIA: 30242
DEBIAN: DSA-1634
MANDRIVA: MDVSA-2008:182
SECUNIA: 31654
GENTOO: GLSA-200810-01
SECUNIA: 32184
VUPEN: ADV-2008-1527
XF: wordnet-searchwn-bo(42...