Page 2 of 8 results (0.004 seconds)

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system. Desbordamiento de buffer en el preprocesador de groff 1.16 y anteriores permite que un atacante obtenga privilegios de lpd en el sistema de impresión LPRng • http://online.securityfocus.com/advisories/3793 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-012.php http://www.redhat.com/support/errata/RHSA-2002-004.html http://www.securityfocus.com/bid/3869 https://exchange.xforce.ibmcloud.com/vulnerabilities/7881 https://access.redhat.com/security/cve/CVE-2002-0003 https://bugzilla.redhat.com/show_bug.cgi?id=1616712 •

CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 2

Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command. • https://www.exploit-db.com/exploits/21037 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000428 http://www.debian.org/security/2001/dsa-072 http://www.debian.org/security/2002/dsa-107 http://www.osvdb.org/1914 http://www.redhat.com/support/errata/RHSA-2002-004.html http://www.securityfocus.com/archive/1/199706 http://www.securityfocus.com/bid/3103 https://exchange.xforce.ibmcloud.com/vulnerabilities/6918 https://access.redhat.com/security/cve/CVE-2001-1 •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff. • https://exchange.xforce.ibmcloud.com/vulnerabilities/5280 •