CVE-2004-0548

Aspell - Buffer Overflow

Title source: llm

Description

Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option.

Exploits (1)

exploitdb WORKING POC VERIFIED

by c0d3r · clocallinux

https://www.exploit-db.com/exploits/669

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/10497

[Vendor Advisory] http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

[Vendor Advisory] http://www.gentoo.org/security/en/glsa/glsa-200406-14.xml

[Mailing List] http://marc.info/?l=bugtraq&m=108675120224531&w=2

Scores

EPSS 0.0018

EPSS Percentile 39.8%

Details

Status published

Products (2)

gentoo/linux 1.4

gnu/aspell 0.50.5

Published Aug 06, 2004

Tracked Since Feb 18, 2026