CVE-2004-0548

Currently unrated

Key Information:

Vendor: Gnu
Status: Aspell
Vendor: CVE Published:; 6 August 2004

Summary

Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option.

References

http://www.securityfocus.com/bid/10497

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/topics/security/bulleti...

x_refsource_CONFIRM

http://www.gentoo.org/security/en/glsa/glsa-200406-14.xml

vendor-advisoryx_refsource_GENTOO

Timeline

Vulnerability published
Aug 6, 2004
Vulnerability Reserved
Jun 9, 2004