9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6 Medium
AI Score
Confidence
Low
0.073 Low
EPSS
Percentile
94.1%
Debian Security Advisory DSA-2361-1 [email protected]
http://www.debian.org/security/ Florian Weimer
December 07, 2011 http://www.debian.org/security/faq
Package : chasen
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-4000
It was discovered that ChaSen, a Japanese morphological analysis
system, contains a buffer overflow, potentially leading to arbitrary
code execution in programs using the library.
For the oldstable distribution (lenny), this problem has been fixed in
version 2.4.4-2+lenny2.
For the stable distribution (squeeze), this problem has been fixed in
version 2.4.4-11+squeeze2.
We recommend that you upgrade your chasen packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 5 | alpha | libchasen2 | < 2.4.4-2+lenny2 | libchasen2_2.4.4-2+lenny2_alpha.deb |
Debian | 6 | kfreebsd-amd64 | libchasen-dev | < 2.4.4-11+squeeze2 | libchasen-dev_2.4.4-11+squeeze2_kfreebsd-amd64.deb |
Debian | 6 | kfreebsd-amd64 | chasen | < 2.4.4-11+squeeze2 | chasen_2.4.4-11+squeeze2_kfreebsd-amd64.deb |
Debian | 6 | amd64 | chasen-dictutils | < 2.4.4-11+squeeze2 | chasen-dictutils_2.4.4-11+squeeze2_amd64.deb |
Debian | 6 | i386 | libchasen2 | < 2.4.4-11+squeeze2 | libchasen2_2.4.4-11+squeeze2_i386.deb |
Debian | 6 | s390 | libchasen-dev | < 2.4.4-11+squeeze2 | libchasen-dev_2.4.4-11+squeeze2_s390.deb |
Debian | 6 | amd64 | libchasen2 | < 2.4.4-11+squeeze2 | libchasen2_2.4.4-11+squeeze2_amd64.deb |
Debian | 5 | mips | chasen-dictutils | < 2.4.4-2+lenny2 | chasen-dictutils_2.4.4-2+lenny2_mips.deb |
Debian | 5 | arm | libchasen2 | < 2.4.4-2+lenny2 | libchasen2_2.4.4-2+lenny2_arm.deb |
Debian | 5 | powerpc | libchasen2 | < 2.4.4-2+lenny2 | libchasen2_2.4.4-2+lenny2_powerpc.deb |