2005-01-19 10:00:00
mitre
PUBLISHED
inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges.