NVD

Id
3770  
Name
CVE-2008-3908  
Description
Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow context-dependent attackers to execute arbitrary code via (1) a long argument on the command line; a long (2) WNSEARCHDIR, (3) WNHOME, or (4) WNDBVERSION environment variable; or (5) a user-supplied dictionary (aka data file). NOTE: since WordNet itself does not run with special privileges, this issue only crosses privilege boundaries when WordNet is invoked as a third party component.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2008-09-04  
Modified Date
2009-01-29  
Seq
2008-3908  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
23851 3770 CVE-2008-3908 4217  View
23852 3770 CVE-2008-3908 GLSA-200810-01  View
23853 3770 CVE-2008-3908 http://www.ocert.org/analysis/2008-014/analysis.txt  View
23854 3770 CVE-2008-3908 http://www.ocert.org/analysis/2008-014/wordnet.patch  View
23855 3770 CVE-2008-3908 20080901 [oCERT-2008-014] WordNet stack and heap overflows  View
23856 3770 CVE-2008-3908 30958  View
23857 3770 CVE-2008-3908 wordnet-morph-search-bo(44848)  View
23858 3770 CVE-2008-3908 wordnet-morphinit-bo(44849)  View
23859 3770 CVE-2008-3908 wordnet-wninit-bo(44850)  View
23860 3770 CVE-2008-3908 wordnet-binsrch-search-bo(44851)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
50885 JVNDB-2008-006195 Princeton wn におけるバッファオーバーフローの脆弱性 Princeton WordNet (wn) には、バッファオーバーフローの脆弱性が存在します。 CVE-2008-3908 34021 CVE-2008-3908 3770 10 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-006195.html 2008-09-04 2012-12-20 View