GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/5280 | VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/5280 | VDB Entry |
Configurations
History
20 Nov 2024, 23:33
Type | Values Removed | Values Added |
---|---|---|
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/5280 - VDB Entry |
Information
Published : 2000-12-19 05:00
Updated : 2024-11-20 23:33
NVD link : CVE-2000-0803
Mitre link : CVE-2000-0803
CVE.ORG link : CVE-2000-0803
JSON object : View
Products Affected
gnu
- groff
CWE