GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/5280 | VDB Entry |
Configurations
History
No history.
Information
Published : 2000-12-19 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2000-0803
Mitre link : CVE-2000-0803
CVE.ORG link : CVE-2000-0803
JSON object : View
Products Affected
gnu
- groff
CWE