VYPR
Unrated severityNVD Advisory· Published Dec 19, 2000· Updated Jun 16, 2026

CVE-2000-0803

CVE-2000-0803

Description

GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.

Affected products

2
  • GNU/Groff2 versions
    cpe:2.3:a:gnu:groff:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:gnu:groff:*:*:*:*:*:*:*:*range: <1.17
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.