[CVE-2008-2149] wordnet 2.0, 2.1, 3 affected by multiple buffer overflows
Bug #267067 reported by
Stefan Lesicnik
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
wordnet (Debian) |
Fix Released
|
Unknown
|
|||
wordnet (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Feisty |
Fix Released
|
Undecided
|
Unassigned | ||
Gutsy |
Won't Fix
|
Undecided
|
Unassigned | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned | ||
Intrepid |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: wordnet
Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1,
and 3.0 might allow context-dependent attackers to execute arbitrary code
via a long command line option. NOTE: this issue probably does not cross
privilege boundaries except in cases in which Wordnet is used as a back
end.
References
http://
Related branches
CVE References
Changed in wordnet: | |
status: | Unknown → Fix Released |
Changed in wordnet: | |
assignee: | stefanlsd → nobody |
Changed in wordnet: | |
status: | New → In Progress |
status: | New → In Progress |
To post a comment you must log in.
This bug was closed in Debian, but the changelog states they only addressed minor components of this bug.
http:// www.ocert. org/advisories/ ocert-2008- 014.html
shows the release of a more comprehensive patch.
http:// www.ocert. org/analysis/ 2008-014/ wordnet. patch