PT-2004-1656 · Aspell · Aspell

Published

2004-06-11

Updated

2016-11-28

CVE-2004-0548

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Aspell (affected versions not specified)

Description The issue is related to multiple stack-based buffer overflows in the word-list-compress functionality. This occurs when a long entry in the wordlist is not properly handled, specifically when using the "c" compress option or the "d" decompress option. This can allow local users to execute arbitrary code.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0548

Affected Products

Aspell

PT-2004-1656 · Aspell · Aspell

CVE-2004-0548

Related Identifiers

Affected Products

References · 9