• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Link Grammar SEPARATE_WORD Function Remote Buffer Overflow Vulnerability

Link Grammar is prone to a stack-based buffer-overflow issue because it fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted document with overly long words.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.

This issue affects Link Grammar 4.1b and AbiWord Link Grammar 4.2.4.

Please note that other versions of Link Grammar and other application that use Link Grammar may also be vulnerable.