Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-1178 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Project X11r6

4 documents4 sources

Severity

7.2HIGHNVD

EPSS

0.2%

top 64.10%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Timeline

PublishedJul 11

Latest updateApr 30

Description

Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable.

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

GHSA

GHSA-g6r4-pgjx-j3v6: Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable↗2022-04-30

▶

CVEList

CVE-2001-1178: Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable↗2002-03-15

▶

Exploit-DB

XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow↗2001-06-11

▶