{"id":"CVE-2008-3908","details":"Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow context-dependent attackers to execute arbitrary code via (1) a long argument on the command line; a long (2) WNSEARCHDIR, (3) WNHOME, or (4) WNDBVERSION environment variable; or (5) a user-supplied dictionary (aka data file).  NOTE: since WordNet itself does not run with special privileges, this issue only crosses privilege boundaries when WordNet is invoked as a third party component.","modified":"2026-04-10T03:40:05.715372Z","published":"2008-09-04T17:41:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/32184"},{"type":"ADVISORY","url":"http://www.ocert.org/advisories/ocert-2008-014.html"},{"type":"FIX","url":"http://www.securityfocus.com/bid/30958"},{"type":"WEB","url":"http://securityreason.com/securityalert/4217"},{"type":"WEB","url":"http://www.gentoo.org/security/en/glsa/glsa-200810-01.xml"},{"type":"WEB","url":"http://www.ocert.org/analysis/2008-014/analysis.txt"},{"type":"WEB","url":"http://www.ocert.org/analysis/2008-014/wordnet.patch"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/495883/100/0/threaded"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44848"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44849"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44850"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44851"}],"schema_version":"1.7.5"}