CVE-2008-3908

Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow context-dependent attackers to execute arbitrary code via (1) a long argument on the command line; a long (2) WNSEARCHDIR, (3) WNHOME, or (4) WNDBVERSION environment variable; or (5) a user-supplied dictionary (aka data file). NOTE: since WordNet itself does not run with special privileges, this issue only crosses privilege boundaries when WordNet is invoked as a third party component.
Configurations

Configuration 1 (hide)

cpe:2.3:a:princeton_university:wordnet:3.0:*:*:*:*:*:*:*

History

21 Nov 2024, 00:50

Type Values Removed Values Added
References () http://secunia.com/advisories/32184 - () http://secunia.com/advisories/32184 -
References () http://securityreason.com/securityalert/4217 - () http://securityreason.com/securityalert/4217 -
References () http://www.gentoo.org/security/en/glsa/glsa-200810-01.xml - () http://www.gentoo.org/security/en/glsa/glsa-200810-01.xml -
References () http://www.ocert.org/advisories/ocert-2008-014.html - () http://www.ocert.org/advisories/ocert-2008-014.html -
References () http://www.ocert.org/analysis/2008-014/analysis.txt - () http://www.ocert.org/analysis/2008-014/analysis.txt -
References () http://www.ocert.org/analysis/2008-014/wordnet.patch - () http://www.ocert.org/analysis/2008-014/wordnet.patch -
References () http://www.securityfocus.com/archive/1/495883/100/0/threaded - () http://www.securityfocus.com/archive/1/495883/100/0/threaded -
References () http://www.securityfocus.com/bid/30958 - Patch () http://www.securityfocus.com/bid/30958 - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/44848 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/44848 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/44849 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/44849 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/44850 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/44850 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/44851 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/44851 -

Information

Published : 2008-09-04 17:41

Updated : 2024-11-21 00:50


NVD link : CVE-2008-3908

Mitre link : CVE-2008-3908

CVE.ORG link : CVE-2008-3908


JSON object : View

Products Affected

princeton_university

  • wordnet
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer