Search Results (Refine Search)
- CPE Product Version: cpe:/a:gnu:aspell:0.50.5
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-20433 |
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable. Published: January 27, 2020; 10:15:12 AM -0500 |
V3.1: 9.1 CRITICAL V2.0: 6.4 MEDIUM |
CVE-2019-17544 |
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character. Published: October 13, 2019; 10:15:10 PM -0400 |
V3.1: 9.1 CRITICAL V2.0: 6.4 MEDIUM |
CVE-2004-0548 |
Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option. Published: August 06, 2004; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |