3 matches found
CVE-2004-1263
changepassword.cgi in ChangePassword 0.8, when installed setuid, allows local users to execute arbitrary code by modifying the PATH environment variable to point to a malicious "make" program...
CVE-2004-1263
The CVE-2004-1263 issue affects ChangePassword 0.8. When installed setuid, local users can cause arbitrary code execution by manipulating the PATH to reference a malicious make program. The vulnerability stems from overriding PATH, allowing a locally executed, attacker-provided make to run with e...
CVE-2004-1263
changepassword.cgi in ChangePassword 0.8, when installed setuid, allows local users to execute arbitrary code by modifying the PATH environment variable to point to a malicious "make" program...