CVE-2008-3908

Priority
Description
Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow
context-dependent attackers to execute arbitrary code via (1) a long
argument on the command line; a long (2) WNSEARCHDIR, (3) WNHOME, or (4)
WNDBVERSION environment variable; or (5) a user-supplied dictionary (aka
data file). NOTE: since WordNet itself does not run with special
privileges, this issue only crosses privilege boundaries when WordNet is
invoked as a third party component.
Notes
jdstrandper Debian-- 1:3.0-12 had a regression and the patch was slightly
updated by 1:3.0-13 to fix this bug
Package
Upstream:released (1:3.0-13)
More Information

Updated: 2020-01-29 19:32:49 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)