Red Hat Bugzilla – Bug 371221
CVE-2007-5395 link-grammar buffer overflow in tokenize.c
Last modified: 2007-11-14 22:37:06 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-5395 to the following vulnerability:
Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through the separate_sentence function.
Created attachment 255061 [details]
I sent a 4.2.5 package to koji, which is pending approval to be pushed.
link-grammar-4.2.5-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
link-grammar-4.2.5-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.