Heap-based buffer overflow in the open_man_file function in callbacks.c in gmanedit 0.4.1 allows remote attackers to execute arbitrary code via a crafted man page, which is not properly handled during utf8 conversion. NOTE: another overflow was reported using a configuration file, but that vector does not have a scenario that crosses privilege boundaries.
Max CVSS
9.3
EPSS Score
9.01%
Published
2008-09-11
Updated
2017-08-08
1 vulnerabilities found