CVE-2001-1022

Currently unrated

Key Information:

Vendor: Gnu
Status: Groff; Jgroff
Vendor: CVE Published:; 26 July 2001

Summary

Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command.

References

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio...

vendor-advisoryx_refsource_CONECTIVA

http://www.debian.org/security/2002/dsa-107

vendor-advisoryx_refsource_DEBIAN

https://exchange.xforce.ibmcloud.com/vulnerabilities/6918

vdb-entryx_refsource_XF

EPSS Score

3% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Jan 31, 2002
Vulnerability published
Jul 26, 2001