makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| wolfram_schneider | makewhatis | * |