Vulnerabilities > CVE-2003-1308 - Unspecified vulnerability in Fvwm

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

fvwm

exploit available

NVD

Published: 2003-12-31

Updated: 2024-11-20

Summary

CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename.

Vulnerable Configurations

Part	Description	Count
Application	Fvwm Fvwm Fvwm *	1

Exploit-Db

description	FVWM 2.4/2.5 fvwm-menu-directory Command Execution Vulnerability. CVE-2003-1308 . Local exploit for linux platform
id	EDB-ID:23414
last seen	2016-02-02
modified	2003-12-05
published	2003-12-05
reporter	auto22238
source	https://www.exploit-db.com/download/23414/
title	FVWM 2.4/2.5 fvwm-menu-directory Command Execution Vulnerability

Statements

contributor	Mark J Cox
lastmodified	2006-11-22
organization	Red Hat
statement	Not vulnerable. Red Hat Enterprise Linux 2.1 shipped with fvwm, however this issue does not affect the included version of fvwm.

Summary

Vulnerable Configurations

Exploit-Db

Statements

References