CVE-2003-1308

Medium

4.6/10

Summary

CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Dec 31, 2003

CVE-2003-1308

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS