Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0548

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-0548
Last Modified 10 Sep 2008 03:26:47
Published 06 Aug 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0548

Summary

Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option.

Vulnerable Systems

Operating System

  • Gentoo Linux 1.4

Application

  • Gnu Aspell 0.50.5


References

BUGTRAQ - 20040608 Aspell 'word-list-compress' stack overflow vulnerability

GENTOO - GLSA-200406-14


Last Updated: 27 May 2016 10:38:39