{
  "modified": "2025-08-09T19:01:27Z",
  "published": "2003-12-31T05:00:00Z",
  "id": "CVE-2003-1308",
  "details": "CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename.",
  "references": [
    {
      "type": "EVIDENCE",
      "url": "http://www.securityfocus.com/bid/9161"
    },
    {
      "type": "FIX",
      "url": "http://www.securityfocus.com/bid/9161"
    },
    {
      "type": "WEB",
      "url": "http://www.fvwm.org/news/"
    }
  ]
}
