Multiple vulnerabilities were found in WordNet, possibly allowing for the execution of arbitrary code.
Package | app-dicts/wordnet on all architectures |
---|---|
Affected versions | < 3.0-r2 |
Unaffected versions | >= 3.0-r2 |
WordNet is a large lexical database of English.
Jukka Ruohonen initially reported a boundary error within the searchwn() function in src/wn.c. A thorough investigation by the oCERT team revealed several other vulnerabilities in WordNet:
There is no known workaround at this time.
All WordNet users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-dicts/wordnet-3.0-r2"
Release date
October 07, 2008
Latest revision
October 07, 2008: 01
Severity
normal
Exploitable
local, remote
Bugzilla entries