CVE-2004-0548

Description

Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option.

Affected Software
References

Software	From	Fixed in
gentoo / linux	1.4	1.4.x
gnu / aspell	0.50.5	0.50.5.x

http://marc.info/?l=bugtraq&m=108675120224531&w=2
http://www.gentoo.org/security/en/glsa/glsa-200406-14.xml
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
http://www.securityfocus.com/bid/10497

Severity: High

CVE: CVE-2004-0548
Published: Aug 6, 2004
Updated: Apr 13, 2023
Exploit:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CVE-2004-0548

Description

Details

CVSS v2