CVE-2000-0803
GNU Groff < 1.17 - Privilege Escalation via Malicious Device Description File
Title source: llmDescription
GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.
References (1)
Core 1
Core References
VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5280
Scores
EPSS
0.0084
EPSS Percentile
74.9%
Details
Status
published
Products (1)
gnu/groff
< 1.17
Published
Dec 19, 2000
Tracked Since
Feb 18, 2026