CVE-2004-1263
The CVE-2004-1263 issue affects ChangePassword 0.8. When installed setuid, local users can cause arbitrary code execution by manipulating the PATH to reference a malicious make program. The vulnerability stems from overriding PATH, allowing a locally executed, attacker-provided make to run with e...