Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-8x36-txn8-wufy
Vulnerability ID VCID-8x36-txn8-wufy
Aliases CVE-2003-1023
Summary Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.
Status Published
Exploitability 0.5
Weighted Severity 0.1
Risk 0.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.08278 https://api.first.org/data/v1/epss?cve=CVE-2003-1023
epss 0.08278 https://api.first.org/data/v1/epss?cve=CVE-2003-1023
epss 0.08278 https://api.first.org/data/v1/epss?cve=CVE-2003-1023
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-1023.json
https://api.first.org/data/v1/epss?cve=CVE-2003-1023
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1023
1617123 https://bugzilla.redhat.com/show_bug.cgi?id=1617123
RHSA-2004:034 https://access.redhat.com/errata/RHSA-2004:034
RHSA-2004:035 https://access.redhat.com/errata/RHSA-2004:035
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.92429
EPSS Score 0.08278
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T20:23:39.405018+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0