Lucene search

K
cve[email protected]CVE-2000-0803
HistoryDec 19, 2000 - 5:00 a.m.

CVE-2000-0803

2000-12-1905:00:00
NVD-CWE-Other
web.nvd.nist.gov
24
gnu groff
privilege escalation
cve-2000-0803
device description file
postpro directive
nvd.

7.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

77.3%

GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.

CPENameOperatorVersion
gnu:groffgnu grofflt1.17

7.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

77.3%

Related for CVE-2000-0803