CVE-2003-1308

Description

CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename.

Affected packages (1)

• Debian/fvwmfrom 0, < 2.5.10-1

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2003-1308