3 matches found
Debian DSA-072-1 : groff - printf format attack
Zenith Parse found a security problem in groff the GNU version oftroff. The pic command was vulnerable to a printf format attack which made it possible to circumvent the -S' option and execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
CVE-2001-1022
CVE-2001-1022 relates to a format-string vulnerability in the groff family: the pic component of groff (and jgroff before 1.15) could bypass the -S option and execute arbitrary commands via format-string specifiers in the plot command. Affected: groff 1.16.1 and other versions; jgroff before 1.15...
CVE-2001-1022
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command...