Launchpad.net

CVE 2007-5395

Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through the separate_sentence function.

Related bugs and status

CVE-2007-5395 (Candidate) is related to these bugs:

Bug #162511: [CVE-2007-5395] link-grammar is vulnerable

		In	Importance	Status
162511	[CVE-2007-5395] link-grammar is vulnerable	link-grammar (Ubuntu)	Low	Fix Released
162511	[CVE-2007-5395] link-grammar is vulnerable	link-grammar (Ubuntu Dapper)	Low	Fix Released
162511	[CVE-2007-5395] link-grammar is vulnerable	link-grammar (Ubuntu Edgy)	Low	Fix Released
162511	[CVE-2007-5395] link-grammar is vulnerable	link-grammar (Ubuntu Gutsy)	Low	Fix Released
162511	[CVE-2007-5395] link-grammar is vulnerable	link-grammar (Ubuntu Hardy)	Low	Fix Released
162511	[CVE-2007-5395] link-grammar is vulnerable	link-grammar (Ubuntu Feisty)	Low	Fix Released

Bug #163814: [link-grammar] User-assisted execution of arbitrary code

Summary				In	Importance	Status
	163814	[link-grammar] User-assisted execution of arbitrary code		link-grammar (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/sec...
MISC: http://secunia.com/sec...
SECUNIA: 27300
SECUNIA: 27340
BID: 26365
CONFIRM: https://bugzilla.redha...
CONFIRM: http://bugs.gentoo.org...
FEDORA: FEDORA-2007-3339
GENTOO: GLSA-200711-27
SECUNIA: 27631
SECUNIA: 27702
UBUNTU: USN-545-1
SECUNIA: 27783
CONFIRM: http://bugs.debian.org...
DEBIAN: DSA-1432
SECUNIA: 28101
VUPEN: ADV-2007-3770
VUPEN: ADV-2007-3771
XF: abiword-linkgrammar-se...
BUGTRAQ: 20071107 Secunia Resea...
BUGTRAQ: 20071107 Secunia Resea...