Stack-Based Buffer Overflow in Aspell's Word-List Compress Functionality
CVE-2004-0548

Currently unrated

Key Information:

Vendor: Gnu
Status: Aspell
Vendor: CVE Published:; 6 August 2004

What is CVE-2004-0548?

Multiple stack-based buffer overflows exist in the word-list-compress feature of Aspell's compress.c. This vulnerability allows local users to execute arbitrary code through specially crafted long entries in the wordlist when utilizing the 'c' compress option or the 'd' decompress option. Proper handling and validation of input are crucial to mitigating this security flaw. Users should apply the latest patches to ensure system integrity and security.

References

http://www.securityfocus.com/bid/10497

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/topics/security/bulleti...

x_refsource_CONFIRM

http://www.gentoo.org/security/en/glsa/glsa-200406-14.xml

vendor-advisoryx_refsource_GENTOO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2004
Vulnerability Reserved
Jun 9, 2004

Gnu

What is CVE-2004-0548?

References

Timeline