|
|
CVE Reference: CVE-2008-3908 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-3908 |
|
|
Description: Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow context-dependent attackers to execute arbitrary code via (1) a long argument on the command line; a long (2) WNSEARCHDIR, (3) WNHOME, or (4) WNDBVERSION environment variable; or (5) a user-supplied dictionary (aka data file). NOTE: since WordNet itself does not run with special privileges, this issue only crosses privilege boundaries when WordNet is invoked as a third party component. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/44851 http://xforce.iss.net/xforce/xfdb/44848 http://xforce.iss.net/xforce/xfdb/44849 http://xforce.iss.net/xforce/xfdb/44850 SREASON http://securityreason.com/securityalert/4217 SAID Secunia Advisory: SA32184 MISC http://www.ocert.org/analysis/2008-014/wordnet.patch http://www.ocert.org/advisories/ocert-2008-014.html http://www.ocert.org/analysis/2008-014/analysis.txt GENTOO http://www.gentoo.org/security/en/glsa/glsa-200810-01.xml BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/495883/100/0/threaded BID 30958 |
|
| Return to the previous page. |
