PT-2003-1053 · Gnu · Man

Daniel Ahlberg · Published 2003-03-18 · Updated 2017-10-10 · CVE-2003-0124

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

man versions prior to 1.5l

Description

The issue allows attackers to execute arbitrary code via a malformed man file with improper quotes. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation of the issue can be carried out locally.

Recommendations

For versions prior to 1.5l, update to version 1.5l or later to resolve the issue. As a temporary workaround, consider restricting access to malformed man files to minimize the risk of exploitation. Avoid using the my_xsprintf function in the affected man package until the issue is resolved.

Related Identifiers

BDU:2015-07809
BDU:2015-07810
CVE-2003-0124

Affected Products

Man