Lucene search

K
cveFlexeraCVE-2007-5395
HistoryNov 08, 2007 - 2:46 a.m.

CVE-2007-5395

2007-11-0802:46:00
CWE-119
flexera
web.nvd.nist.gov
35
cve-2007-5395
stack-based buffer overflow
tokenize.c
link grammar
remote code execution
nvd

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.268

Percentile

96.8%

Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through the separate_sentence function.

Affected configurations

Nvd
Node
link_grammarlink_grammarMatch4.1b
AND
abiwordabiword_link_grammarMatch4.2.4
VendorProductVersionCPE
link_grammarlink_grammar4.1bcpe:2.3:a:link_grammar:link_grammar:4.1b:*:*:*:*:*:*:*
abiwordabiword_link_grammar4.2.4cpe:2.3:a:abiword:abiword_link_grammar:4.2.4:*:*:*:*:*:*:*

References

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.268

Percentile

96.8%