Mandriva Update For Wordnet MDVSA-2008:182-1 (wordnet) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Rob Holland found several programming errors in WordNet which could lead to the execution or arbitrary code when used with untrusted input (CVE-2008-2149, CVE-2008-3908). Update: The previous patch had a typo that caused incorrect behaviour in WordNet. This update uses an update patch that corrects the issue and also notes the additional assigned CVE name for these issues.

Affected

wordnet on Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64, Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64

Severity

Classification

CVE CVE-2008-2149, CVE-2008-3908
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:021 (php)
Mandrake Security Advisory MDVSA-2009:035 (gstreamer0.10-plugins-good)
Mandrake Security Advisory MDVSA-2009:184 (apache-mod_security)
Mandrake Security Advisory MDVSA-2009:049 (pycrypto)
Mandrake Security Advisory MDVSA-2009:111-1 (firefox)

Mandriva Update for wordnet MDVSA-2008:182-1 (wordnet)

Take action and discover your vulnerabilities