Buffer overflow in man and mandb (man-db) 2.4.3 and previous versions allows local users to execute arbitrary code via crafted arguments to the -H flag.
source: wwwsecurityfocuscom/bid/23355/info
The 'man' command is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation
NOTE: Presumably, this issue is exploitable only when 'man' has been installed setuid
Exploiting this issue allows attac ...